San Francisco – 24th July 2018 – A study today reveals that in the average insurance company, 2.4% of devices download malware, and 36.2% suffer phishing attacks every year.

Mobile security company Wandera analyzed data from the mobile estates of 25 leading firms over a six-month period – collectively comprising more than 10,000 iOS, Android and Windows 10 Mobile devices.

The data shows the average employee is accessing leaking sites three times a month and connecting to two insecure networks every month exposing insurance companies to threats like man-in-the-middle attacks. *

On top of these threats, the average employee at insurance firms is making 140 connections to inappropriate content, 18 connections to extreme or high-risk content opening up firms to the risk of data loss, data breach and legal risks. The average employee is also downloading one app from unofficial app stores every year exposing firms to malware.

Prevalence of mobile threats

In the average insurance firm:

  • 2.4% of mobile devices will download malware each year
  • 36.2% of mobile devices will suffer a phishing attack each year

Per employee at an insurance firm:

  • Leaking apps or sites* are accessed 3 times a month
  • Two connections to vulnerable networks are made every month
  • 140 connections to inappropriate content and 18 connections to extreme or high-risk content every year
    one app download per year from unofficial app stores (sideloaded app)*

4G data consumption

The analysis reveals data consumption is increasing by 93% each year among insurance companies with the average employee currently using, on average, 1.25GB of mobile data per month.

Eldar Tuvey, CEO and Founder of Wandera, comments:

“Smartphones are built with consumers in mind, not IT teams. So it’s no surprise that businesses are running into issues with misuse on their mobile devices. Employees have unvetted access to inappropriate content, dangerous third-party app stores and unsanctioned file sharing services which can all put corporate data at risk. It’s disconcerting that an alarming number of insurance companies have been slow to adapt their defenses and policies to the latest mobile risks.”

To read the full report and find out more about the mobile threats facing insurance firms visit


*Footnotes to the press release:

Leaking sites and apps: Apps or sites that transmit data insecurely (in plaintext), making them vulnerable to interception by hackers
Man-in-the-middle attacks: Typically undertaken through use of a rogue WiFi hotspot, whereby the attacker gains access to everything the target uses whilst connected to that network
Sideloaded app: Any app installed via unconventional means (ie. not through the app stores)

Media Contact:

Liarna LaPorta