New research from Zimperium’s zLabs has revealed significant trends in mobile-specific phishing attacks, known as “mishing,” which are specifically engineered to exploit vulnerabilities and features unique to mobile platforms. The report emerges amid growing concerns about mobile security, particularly as organizations continue to adapt to remote and hybrid work environments.
The research identifies several key factors contributing to the rise in mobile phishing attacks. Mobile devices’ smaller screen sizes make suspicious URLs more difficult to identify, while touch-based interfaces limit users’ ability to inspect links thoroughly. Additionally, users typically place higher trust in mobile messaging platforms, leading to reduced skepticism toward potentially malicious messages.
Attackers are employing increasingly sophisticated techniques, including device-aware phishing that delivers malicious content based on specific device characteristics such as operating system, browser type, and screen resolution. Geolocation-based redirection is also being used to serve region-specific phishing pages, allowing attackers to target specific geographic areas with localized scams.
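A defensive triage check for the device-aware and geolocation-based redirection described above, as an added example that is not from the Zimperium report: it compares where the same link lands under different client profiles and reports which attribute the landing host depends on. The observation records, hostnames and function names are constructed for illustration, and a divergence is a signal for review rather than a verdict, since legitimate sites also redirect by device or region.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample data: the final URL reached when one link is opened
# under different client profiles (device OS and exit region).
OBSERVATIONS = [
    ("https://sho.rt.example/a", "android", "US", "https://login.pay-portal.example/us"),
    ("https://sho.rt.example/a", "windows", "US", "https://news.example/"),
    ("https://sho.rt.example/a", "android", "DE", "https://anmelden.pay-portal.example/de"),
    ("https://sho.rt.example/a", "windows", "DE", "https://news.example/"),
    ("https://sho.rt.example/b", "android", "US", "https://shop.example/sale"),
    ("https://sho.rt.example/b", "windows", "US", "https://shop.example/sale"),
    ("https://sho.rt.example/c", "ios", "US", "https://id.parcel-track.example/"),
    ("https://sho.rt.example/c", "windows", "US", "https://www.example.org/"),
]

DIMENSIONS = {"os": 1, "region": 2}  # tuple index of each profile attribute


def varies_by(group, dim):
    """True if the landing host changes with `dim` while the other attribute is fixed."""
    idx = DIMENSIONS[dim]
    other = 3 - idx  # index of the attribute held constant (1 <-> 2)
    hosts = defaultdict(lambda: defaultdict(set))
    for obs in group:
        hosts[obs[other]][obs[idx]].add(urlsplit(obs[3]).hostname)
    for per_value in hosts.values():
        # More than one distinct host set means the landing depends on `dim`.
        if len({frozenset(h) for h in per_value.values()}) > 1:
            return True
    return False


def find_cloaked_links(observations):
    """Map each link to the profile attributes its landing host depends on."""
    by_url = defaultdict(list)
    for obs in observations:
        by_url[obs[0]].append(obs)
    findings = {}
    for url, group in by_url.items():
        dims = [d for d in DIMENSIONS if varies_by(group, d)]
        if dims:
            findings[url] = dims
    return findings


if __name__ == "__main__":
    for link, dims in find_cloaked_links(OBSERVATIONS).items():
        print(link, "landing depends on:", ", ".join(dims))
```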
The report documents a significant SMS-based phishing campaign that distributed over 100,000 malware samples across 113 countries. The campaign employed deceptive advertisements and Telegram bots to convince victims to install malicious applications capable of intercepting SMS authentication codes and compromising accounts across more than 600 global services. The finding is particularly concerning given recent warnings from the FBI and CISA about vulnerabilities in SMS-based two-factor authentication.
QR code phishing has emerged as a notable threat vector, with malicious emails containing QR codes successfully bypassing security measures and accounting for approximately 25 percent of all attacks. The trend has prompted the development of new security measures, including Rochester University’s SDMQR technology, specifically designed to combat QR code-based phishing attempts.
“The shift toward mobile-targeted phishing attacks is a clear signal that organizations must rethink their security strategies in the age of hybrid and remote work with employees using a variety of devices,” said Patrick Tiquet, Vice President of Security and Architecture at Keeper Security. “Attackers are increasingly exploiting mobile-first communication channels — SMS, QR codes and mobile-optimized phishing sites — to bypass traditional email security controls.”
“Mobile threats are no longer a fringe problem,” said Mika Aalto, Co-Founder and CEO at Hoxhunt. “With so much sensitive data now accessible on phones since the mass migration to remote work and cloud services, attackers see mobile as a direct gateway to corporate assets. That’s why we need to train people specifically on these unique risks and give the skills and tools to recognize and report mobile attacks, because the security model built around desktops just doesn’t apply cleanly to handheld devices.”
Sources: Silicon Angle, Security Magazine, Help Net Security