Mobile phishing attacks on energy workers soared by 161% compared to 2020, thanks to a surge in the first half of 2021, targeting almost 20% of all energy workers.
In analyzing the tactics used by threat actors, Lookout researchers have identified 67% of phishing cases in which attackers use email, SMS, phishing apps and login pages at fake corporate sites to gain access to internal networks that can then be used to locate vulnerable systems and launch attacks on industrial control systems.
While iPhones are less vulnerable to this type of attack, Lookout shows that the case for Android devices is different, since most of the attacks come from 56% of Android users using outdated and vulnerable versions of the operating system.
Since the Lookout report shows that anti-phishing training could help reduce clicking on phishing links by 50%, companies should therefore train employees, as they are able to click on suspicious links that lead to such attacks.
For more information, read the original story in Bleeping Computer.