We trust our mobile devices. Whether they are company- or employee-owned, we treat them as an integral part of both our personal and professional life. We take photos of our friends and family, we communicate with colleagues, and log onto business applications. Mobile devices also have the same access to business data as desktop computers.
Unlike our desktop, there are endless ways for cyber attackers to deliver phishing links via iOS, Android and Chrome OS apps. They can send us a phishing link in virtually any app on our device. These include social media, messaging, gaming, and even dating apps.
The design of mobile interfaces obfuscates details typically available on a desktop that can help us identify a phishing attack. Mobile URLs are truncated and users don’t know how to hover over links to expose the full URL or email address. This means there is a greater imperative to have phishing protection on mobile devices.
Using traditional anti-phishing approaches on mobile devices quickly becomes a privacy issue because they inspect email messages to block attacks. All mobile devices, even if company issued, are considered to be personal devices. Only inspecting email content would miss the other 99% of methods used for sending a phishing link to a mobile user.
Most anti-phishing solutions rely on a list of nefarious domains and web addresses. However, over 1.5 million mobile phishing sites are created every month. And most phishing sites are built and dismantled in a matter of hours or days. Relying on reputation-based methods to detect a mobile phishing attack alone is insufficient.
360-degree phishing protection
Lookout Phishing and Content Protection stops both known and unknown phishing threats. We combine our Phishing AI engine with reputation lists of known phishing sites. This engine continuously monitors for the establishment of new websites purpose-built for phishing. Phishing AI enables Lookout to provide near real-time protection against zero-hour phishing attacks.
We compare every web request from your mobile device with this combined dataset. This comparison is made for all the network interfaces of your mobile device – Bluetooth, Wi-Fi, and cellular. By performing the comparison on the local endpoint device rather than sending it to the cloud, we are respecting the individual’s privacy. The result is 360-degree protection from known and unknown phishing attacks.
Content Protection via web filtering
Our scalable approach to phishing protection also provides web filtering of inappropriate web content. We enable the security administrator to select categories of content to be filtered in specific geographies. In addition, they can upload domains and web addresses of inappropriate or restricted sites that will also be filtered.