Mobile Device Users More Susceptible to Phishing Scams

Mobile devices are making us dumber - at least when it comes to security, according to research conducted by security firm Trusteer. Research published by the company found that smartphone and computer tablet users are three times more susceptible to email phishing scams than traditional PC and laptop users.

Trusteer said a study it conducted of the log files of a number of servers known to be hosting phishing Web sites showed that users of mobile devices were among the first to access phishing sites. They were also three times more likely to submit log in information than PC and laptop users. And iPhone users submitted their log in information eight times as often as Blackberry users.

Trusteer arrived at that conclusion after comparing entries in the log files, which contained information on who accessed the sites, when they accessed them, the specific devices being used to access the sites, and whether or not a user submitted log in information to the site.

Trusteer said that it's no surprise that users of 'always on' mobile devices were among the first to surf over to phishing Web sites.

As for why mobile device users are three times as likely to submit their log in information, Trusteer concluded that it is more difficult to identify fraudulent websites on a mobile device than on traditional desktop and laptop computers, many of which are now outfitted with anti-phishing programs. Blackberry and an iPhone users who visited phishing sites were much less likely detect them than their laptop and desktop using brethren. Part of the problem in identifying mobile devices may stem from their relatively small screen size.  In HTML, when a link is embedded in HREF (hypertext reference) format, hovering over it will reveal the entire link. If a link is long enough, it will appear in a truncated format on an iPhone or Blackberry. So when a user hovers over it with the cursor, only the beginning of the link needs to look legitimate, because that is all a user will see.

Trusteer found the difference in effectiveness between the iPhone and Blackberry negligible in detecting phishing websites, though the link between Blackberries and business use may make users of that device more cautious about visiting suspicious sites or entering their login-in credentials to such sites.

Trusteer recommends that mobile users avoid clicking on links in emails since it is difficult to determine for certain who the message is from, where the link goes, and what the consequence of clicking on it may be. Furthermore, they recommend that banks should inform consumers about the danger and prevalence of phishing scams directed toward mobile device users.

Commenting on this Article is closed.