New zLabs Report Highlights Rise in Smishing because the Dominant Mishing Vector in 2024
Dallas, TX – February 20, 2025 – Zimperium, the worldwide chief in cell safety, right now launched new analysis highlighting the evolving panorama of cell phishing assaults. The information-driven evaluation of cell phishing vectors in 2024 underscores an pressing want for organizations to undertake mobile-specific safety methods to fight these more and more subtle threats, as proof exhibits that attackers have moved to a ‘cell first’ technique to penetrate company networks and delicate information.
Key Findings from Zimperium’s 2024 Cell Phishing Report:
- Smishing (SMS/textual content primarily based phishing) stays the most typical cell phishing vector, with 37% of assaults in India, 16% within the U.S., and 9% in Brazil.
- Cell-targeted e-mail phishing is growing with assaults particularly designed to evade desktop safety measures, executing solely on cell gadgets.
- Quishing (QR code phishing) is rising, with notable exercise in Japan (17%), the U.S. (15%), and India (11%).
- 3% of phishing websites use device-specific redirection, exhibiting benign content material on desktops whereas focusing on cell gadgets with phishing payloads.
- Analysis exhibits attackers reusing CIDR blocks to host a number of phishing domains, extending assault attain and persistence.
- Mishing exercise peaked in August 2024, with over 1,000 each day assault information.
The Strategic Implications for Enterprise Safety
As organizations more and more depend on cell gadgets for enterprise operations, together with multi-factor authentication and mobile-first purposes, cell phishing poses a extreme danger to enterprise safety. Attackers are exploiting safety gaps in cloud and cell enterprise purposes, increasing the assault floor and growing publicity to credential theft and information compromise. Conventional anti-phishing measures designed for desktops are proving insufficient, requiring a shift to cell menace protection options on the cell gadget.
“Mishing is not only an evolution of conventional cell phishing ways—it’s a wholly new class of assault engineered to use the precise capabilities and vulnerabilities of cell gadgets, equivalent to cameras,” stated Nico Chiaraviglio, Chief Scientist at Zimperium. “Our analysis exhibits that attackers are more and more leveraging a number of mobile-specific channels—together with SMS, e-mail, QR codes, and voice phishing (vishing)—to use consumer behaviors and broaden their assault floor.”
To be taught extra concerning the rise in mishing assaults and methods to mitigate these dangers, go to www.zimperium.com.
About Zimperium
Zimperium is the world chief in cell safety. Objective-built for cell environments, Zimperium gives unparalleled safety for cell purposes and gadgets, leveraging AI-driven, autonomous safety to counter evolving threats together with mobile-targeted phishing (mishing), malware, app vulnerabilities and compromise, in addition to zero-day threats. As cybercriminals undertake a mobile-first assault technique, Zimperium helps organizations keep forward with proactive, unmatched safety of the cell apps that run your small business and the cell gadgets relied upon by your workers.
Media Contact:
Sena McGrand