Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

Pharmaceutical industry sees increase in mobile phishing encounters

SEC0320-cyber-feat-slide1_900px.jpg
November 18, 2020

Lookout's newest Pharmaceutical Industry Threat Report shows attackers have turned to spear phishing campaigns to steal employees’ login data or deliver malicious payloads to their mobile devices to compromise the infrastructure of pharma companies. 

Malicious actors are focused on mobile phishing because they can use any of the hundreds of apps the average person has on their mobile device. Attackers can socially engineer targets on a personal level through social media apps, messaging platforms, games, and even dating apps. An attacker will target particular individuals, including heads of research, manufacturing plant managers, sales leaders, or company executives, to gain privileged access to the data they want.

Lookout research shows that there have been multiple  reports of foreign adversaries targeting pharmaceutical industry executives with mobile spear phishing attacks. Both the National Cyber Security Centre in the U.K. and the Cybersecurity & Infrastructure Security Agency in the U.S. issued advisories to organizations involved in the COVID-19 response to shore up their security practices. 

Since most employees use either a smartphone or a tablet, or both, to access data within their infrastructure, the risk surface is widespread. To help protect and secure iOS, Android and ChromeOS devices, IT and security teams have used the NIST Special Publication 800-124 as a framework to develop their strategy to secure mobile devices. 

The rate at which devices encounter mobile phishing, app threats, device threats and risky networks is increasing. Here are some findings from Lookout telemetry from almost 200 million devices and over 125 million mobile apps: 

lookout

According to Lookout, while operating system CVEs (Common Vulnerabilities and Exposures) are patchable, there are still some obstacles to overcome such as:

  • CVEs are known exploitable vulnerabilities attackers can actively target to take over a device or surpass its built-in security measures.
  • Patching usually requires action by the mobile user to update the device.
  • If an employee is running an old OS version, they’re walking around with a doorway to your organization’s data in their pocket.
 
"In order to protect against exploitation of known CVEs, your team needs to have mobile vulnerability and patch management
capabilities. Only with visibility into endpoint and app vulnerabilities will you know exactly where vulnerabilities exist and when
they need to be updated to prevent those vulnerabilities from being exploited by threat actors," says the research. 
 
In the second quarter of 2020, there was a spike in mobile phishing threats: 
 
lookout
The 106% increase in malware delivery signals that:
  • Attackers are investing in more complex malware delivery methods and using phishing links to deliver malware to the device.
  • Social engineering can convince an employee to download a sideloaded app just as well as it can convince them to enter their login credentials in a fake site.
  • Successful delivery of spyware or surveillanceware to a device could result in longer-term success for the attacker.
  • Attackers want to be able to observe everything the user is doing and look into the files their device accesses and stores.

To help protect mobile devices from cyberattacks, Lookout recommends pharmaceutical organizations use modern endpoint protection solutions that can detect mobile threats in apps, device operating systems and network connections while also
protecting against credential harvesting and malware delivery attacks through phishing. 

For more information, please visit https://blog.lookout.com/pharma-report-3-out-of-4-phishing-attacks-attempt-to-deliver-malware

 
KEYWORDS: cyber security mobile device security pharmaceutical security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • hacker-attack-breach-freepik.jpg

    Banking industry sees 1318% increase in ransomware attacks in 2021

    See More
  • maritime

    Maritime Industry Sees 400% Increase in Attempted Cyberattacks Since February 2020

    See More
  • phishing

    Lookout Report: 37% Increase in Worldwide in Enterprise Mobile Phishing Attacks

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 150952519X.jpg

    Intelligence in An Insecure World, 3rd Edition

  • s in europe.jpg

    Surveillance in Europe

See More Products

Events

View AllSubmit An Event
  • December 12, 2011

    Mobile Surveillance Applications

    Do you know what apps are available to you for your mobile devices to increase you Axis effectiveness? Here's a chance to find out. In this webinar session we'll update you on what is out there for camera viewing software along with our reviews. We'll also look at the Axis Product Selector tool and several other applications that are available today.
  • February 3, 2012

    Mobile Surveillance Applications

    Do you know what apps are available to you for your mobile devices to increase you Axis effectiveness? Here's a chance to find out. In this webinar session we’ll update you on what is out there for camera viewing software along with our reviews. We’ll also look at the Axis Product Selector tool and several other applications that are available today.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing