Zero-day phishing protection

The threat

Phishing is the #1 mobile threat affecting organizations today.

With more than 50% of all Internet traffic coming from mobile devices, it’s no surprise that attackers have turned their attention to mobile employees and the myriad of communications apps they use.

The stats

A new mobile phish is launched every 20 seconds. That’s more than 4,000 new attacks per day.

Users are 3x more likely to fall for phishing on mobile than desktop.

The average mobile user is 18x more likely to encounter a phishing attack than a malware attack.

Mobile is the new medium

Mobile has offered a powerful new access and distribution network for hackers to exploit. It has become the ideal channel for culprits to carry out malicious phishing attacks for the following reasons:

Most users don’t expect a phishing attack on their mobile devices. They are therefore much more likely to fall victim to social engineering.

Malicious phishing URLs tend to arrive over trusted channels like SMS, WhatsApp and other social sites and apps.

Smartphones have smaller screen real estate to assess spoofed URLs. Often URLs are altogether hidden such as in the case to the left.

Incomplete protection methodologies

Employee training

Sounds like a good idea…

Organizations are investing in user education to discourage employees from clicking on malicious phishing links that expose their information to malicious third parties.

The problem

Organizations have learned through experience that education is not enough. The human element leaves room for error and therefore, potential damage to the user and business.

Anti-phishing services

Sounds like a good idea…

Some companies use anti-spam solutions to block junk mail and phishing attacks from reaching employee inboxes.

The problem

Anti-spam solutions that block phishing attempts in e-mail are not adequate. These tools do not address phishing attacks that are distributed outside of email (e.g., in SMS or through social media apps).

App-based security solutions

Sounds like a good idea…

App-only solutions can detect threats when the device is compromised or when malicious apps are installed. These solutions could allow users to submit questionable SMS messages.

The problem

More than 90% of phishing attacks are missed because they do not actually compromise the device or involve malicious apps. The vast majority of phishing attempts take place in the web browser or via apps, such as WhatsApp or Facebook. App-only solutions have zero visibility into phishing attacks that take place through these channels.

Wandera’s phishing protection is evolved

Zero-Day Phishing Intelligence

powered by MI:RIAM

Wandera is the only dedicated web gateway for mobile, operating directly in the pathway of mobile data.

The solution’s unique architecture allows it to sit between the device and the internet, giving it the ability to intercept traffic to phishing sites, whether initiated over SMS, instant messenger or social media applications.

MI:RIAM analyzes billions of mobile inputs each day using a wide range of data science techniques. When it comes to phishing, MI:RIAM has a proven industry-leading 98% efficacy of recognizing and proactively blocking mobile phishing attempts.

The zero-day evolution

Most phishing sites are published online for only a few hours before hackers move to an entirely new hosting server. This allows them to evade detection and maintain an ongoing campaign without being detected and blocked.

The risk to users is highest in those first critical hours before third-party threat intelligence is updated. In this short window of time, your mobile devices are most vulnerable to newly published attacks.

This is why we have advanced MI:RIAM’s phishing detection algorithms with next-generation machine learning that proactively seeks out new phishing attacks that can be blocked before they hit their first ‘patient zero’.

MI:RIAM’s zero-day phishing algorithm is complex, and relies on a variety of input factors to determine if web content poses a risk to mobile users. Numerous points of data are analyzed and taken together to generate a risk score which ultimately determines if the page is flagged and blocked.

Not only that, but this component of MI:RIAM’s intelligence is continuously improving. As the algorithm successfully identifies more unique phishing attacks, sitting directly in the pathway of mobile data, it is able to learn more about the anatomy of the attack. This allows it to hone its technique as time goes on.

Just a few of the unique factors MI:RIAM’s phishing algorithm analyzes are detailed below:

Gartner Market Guide for Mobile Threat Defense Solutions 2018

“Beyond a unified endpoint management (UEM) security add-on, MTD is also used to address use cases such as mobile phishing, bring your own device, app vetting and compliance.”

Download now ›