Financial services organizations are suffering from an increased number of phishing attacks, according to a new report Mobile Security in the Financial Services, published by Wandera.
Researchers analyzed 4.7 million events across the subset of devices over the 6-month period. For mobile alone, each organization had an approximate average of 21,000 events. The report found that across other industries, phishing represents 42% of attacks, which is significantly lower in volume than those of the financial services industry, which is 57%.
“Phishing attacks are a daily threat for financial services companies and employees need regular training to help identify phishing attacks – not only via email, but also through social media and other messaging platforms. However, given the growing sophistication of phishing campaigns, FS companies can’t rely on awareness training as the only layer of defense. A multi-level approach needs to be adopted at the endpoint and in the network to offer comprehensive protection against phishing,” the report said.
The financial services industry is also at a higher risk of man-in-the-middle attacks (36%), a full 12 points higher than the cross-industry threat of 24%. The heightened number of threats could be the result of public WiFi usage as well as higher than normal travel activity, the report said.
According to those numbers, for every 20 people in financial services, one individual has their lock screen disabled, resulting in enormous ramifications if the device is lost or stolen. Oddly, though, only 1% of financial services organizations have devices impacted by crypto-jacking, which is lower than the 2.65% detected across other industries.
“In the financial services industry, as in many sectors, the security of client information is the most important asset, so it’s disconcerting to find mobile security still an afterthought,” said Michael Covington, vice president of product strategy at Wandera. “Financial organizations are struggling to keep pace with increasing regulations, rapid cloud migrations and rampant BYOD adoption, among other emerging technology trends, making it crucial that industry security pros work to secure not just the devices, but also the apps installed on them and the data they access."