Enterprise users are three times more likely to fall for a phishing link on mobile, according to Workspace ONE Mobile Threat Defense technology partner Lookout. Smartphones are essential to remote and hybrid work. These work styles, combined with BYOD culture, blur the line between the personal and professional. They also pave a path for hackers to target enterprise employees. Threat actors know that mobile devices aren’t usually secured in the same way as computers, and mobile phishing is one of the primary ways threat actors gain access to corporate resources.
The sheer number of emails sent every single day means that it’s an obvious attack vector for cyber criminals. More than 300 billion emails are sent every day — and it’s believed that at least three billion of these are malicious phishing emails. By launching a phishing attack that mimics the context that a recipient expects, attackers can direct a user to a fake webpage that appears to be a familiar application login page, where the user’s credentials are then captured when they log in.
Mobile phishing attacks can be hard to detect because they extend beyond regular email phishing to SMS-based attacks (smishing), and social media and messaging apps. It is hard to defend against threats designed for mobile devices, and that target commonplace mobile use cases. Threats that email phishing protection cannot prevent include:
- SMS/text messaging: phishing texts commonly impersonate banking apps, shipping providers, and even your boss/CEO.
- Messaging platforms: suspicious links in messages lure users to download spyware.
- Ad networks: contextually related ads have embedded malicious URLs.
This month we launched the beta of Workspace ONE Mobile Threat Defense Phishing and Content Protection (PCP). The preview of our new phishing and content protection solution works in concert with Workspace ONE Tunnel and Workspace ONE Intelligent Hub to offer protection from web and content vulnerabilities from phishing emails, SMSs, and messaging apps. The protection also applies to malicious URLs, web pages, videos, photos, and web and content behaviors and configurations. To protect against these myriad phishing and content threats, Lookout inspects millions of URLs and evaluates certificates associated with domains. Lookout maintains a URL database of suspicious and inappropriate information that powers the filtering included in Workspace ONE Mobile Threat Defense.
Web filtering has been challenging to enable on mobile devices in the past. For example, Android allows for one VPN only, and most filtering solutions require use of VPN settings to intercept traffic for filtering. Workspace ONE Mobile Threat Defense Phishing and Content Protection improves the implementation of content filtering by building it into the secure connections of Workspace ONE Tunnel. Organizations can protect mobile endpoints while enabling secure access to corporate resources with per-app or full device tunneling of traffic, thereby eliminating VPN conflicts.
Workspace ONE Mobile Threat Defense is an add-on to Workspace ONE UEM. Workspace ONE Mobile Threat Defense is also available as an add-on to Workspace ONE UEM products: all Essentials bundles, Advanced, and Enterprise. Phishing and Content Protection is a new capability that is included in Workspace ONE Mobile Threat Defense. The PCP capability will require Workspace ONE Intelligent Hub and the Workspace ONE Tunnel application.
Sign up for the beta of Mobile Threat Defense Phishing and Content Protection
All current Workspace ONE Mobile Threat Defense customers can sign up for the beta trial here. Customers considering a trial of Workspace ONE Mobile Threat Defense are also eligible. Register for the beta by logging into the Workspace ONE Beta Portal and adding Workspace ONE Mobile Threat Defense as a product you’re interested in, within your user profile. Once added, you can join the beta by finding Workspace ONE Mobile Threat Defense Phishing and Content Protection Beta in the program list. We also invite you to see our solution in action! Watch the Mobile Threat Defense demo video, check out the solution brief (PDF), and review the VMware Docs.