Mobile devices now serve as primary interfaces for authentication, identity verification, and access to cloud services, while messaging platforms have become essential communication channels. The reality of mobile security leaves businesses with something of a dilemma, wondering if iOS or Android devices are more secure.
The latest Mobile Threat Landscape Report from Lookout shows that the answer isn’t a simple one, While iOS devices face mobile phishing in businesses over two times more than Android, giving hackers more bang for their buck as they target executives, the newest and most encountered malware families are overwhelmingly targeting Android devices.
Threat actors are no longer probing whether mobile-first techniques are effective. Instead, they’re executing repeatable, scalable campaigns that rely on mobile phishing, social engineering, and identity abuse as primary access vectors. In many cases, attackers no longer require malware or vulnerability exploitation at the outset; instead, they operate entirely within legitimate authentication and access workflows.
By harvesting publicly available and organizational data, threat actors generate compelling, error-free SMS messages that create urgency and build trust. Delivered directly to employees’ mobile devices, these attacks bypass traditional perimeter controls and exploit human behavior.
Legacy SOC operating models aren’t designed to cope with this. Mobile-specific threats require earlier detection, greater signal fidelity, and tighter integration with existing SOC workflows.
As well as social engineering attackers target system and app vulnerabilities. Out-of-date software is by far the most common security misconfiguration.
The report concludes:
With nearly 13 percent of enterprise devices encountering phishing or malicious content each quarter, iOS exposure exceeding 16 percent, and more than 1.2 million enterprise phishing sites observed in Q3 alone, mobile has become a predictable and reliable entry point for attackers.
As mobile devices continue to serve as the primary interface for communication, authentication, and access, mobile telemetry has become foundational intelligence for understanding enterprise risk — not supplemental context.
You can get the full report on the Lookout site.
Image credit: VitalikRadko/depositphotos.com
