Threat groups continue to seek evidence in their phishing attacks targeting the mobile devices of government employees, with nearly half of mobile phishing attacks in 2021 aiming to steal government guarantees an increase from last year.
That’s according to a new report by Lookout, which analyzed data from 2021 and the first half of 2022 detailing its federal, state, and local government user base. Public relations data is collected from the telemetry data of more than 200 million devices and more than 175 million devices. The report found that mobile phishing attacks targeting federal, state and local government employee credentials increased from 31 percent in 2020 to 46 percent in 2021, while those issuing malware has decreased slightly from 79 percent in 2020 to 70 percent in 2021.
“Sending malware continues to account for about 75 percent of all mobile phishing attacks across all industries,” Lookout researchers said in a report Wednesday. “However, when targeting federal, state, and local government organizations, cybercriminals are increasingly using phishing attacks to collect credentials before issuing them. to malware.”
Overall, the researchers found a steady increase in mobile phishing attempts for state and local governments in both managed and unmanaged categories, with attempts increasing by 48 percent for managed software and 25 percent for unmanaged software from 2020 to 2021. Lookout researchers found that this increase has continued until the first half of 2022.
Phishing attacks can have a variety of malicious activities. In March, the FBI said it found U.S. election officials and other federal and local governments in at least nine states receiving invoice-themed phishing emails, in some cases sent from appropriate email addresses. The emails, discovered in October 2021, shared sensitive files and were sent in close time, which the FBI said was a “coordinated effort” to target election officials. Phishing emails lead recipients to a website designed to steal their credentials.
“There is an underground market in the dark web for credential/identity theft,” said Steve Banda, senior director of security solutions with Lookout. “We don’t expect this to slow down any time soon. Cybercriminals have made an effort to steal and sell credentials in these forums. This data is ultimately used by attackers to gain deep access to government systems. Once verified, they can move back into the environment often without detection, destroying valuable information that can be used in malicious ways.”