Protect Remote Workers from M-ishing

11/12/2024

A recent study reveals that eight in 10 illegitimate websites now specifically target mobile devices with an array of social engineering techniques categorized as Mobile-Targeted Phishing or “M-ishing.”

mishing-1.jpg

This technical trend is propelling a rising wave of data breaches. More than half the organizations examined by researchers experienced incursions due to cybercriminals capturing credentials and other confidential information via employees’ mobile devices.  Why should leaders of small to medium-size businesses (SMBs) be concerned about this particular issue amongst the vast range of cyber threats?
 
Because other research shows that workers now spend about a third of their time on average working remotely. In fact, the number of days worked out of traditional offices has more than tripled in the last five years.
 
Many economists now classify remote work – a grouping that includes staff that works from home full time and “hybrid” arrangements that involve splitting time in the office and at home – as an embedded aspect of the U.S. labor market. Analysis confirms that many workers value hybrid work, for example, as much as they do increases in compensation.
Considering SMBs employ more than 60 million people, which is nearly half of the national workforce, M-ishing should rank near the top of SMB cyber risks alongside notorious hazards like ransomware.
 
What are the cybersecurity basics for protecting remote workers from social engineering tactics like M-ishing? Here are five:
  • Multi-factor authentication
  • Secure VPN solution for network infrastructure
  • Regular patching and updating of all operating systems, browsers and applications
  • Continuous monitoring of remote authentication
  • Cybersecure practices training for all workers – especially those working remotely
Want to learn more about supporting remote workers? Peruse our checklist here.