Urgent Need for Real-Time Defence Against Social Engineering Attacks in India
Social engineering attacks are endemic in India - or a 'scamdemic', as some are calling it. Last year, IBM found that they were the costliest attack vector in the country, resulting in, on average, INR 191 million in losses. Meanwhile, Barracuda’s 2023 Spear-phishing Trends study of 70 IT teams in Indian organizations found that 15 suspicious emails were received on a typical workday, a 50% bump on the global average. The year before, India's Computer Emergency Response Team (CERT-In) said it handled 1,714 phishing attacks and 875,892 vulnerable services. This trend over the last couple of years highlights the need to change course - and fast.
But let's start at the beginning. Mobile apps are prime targets because of their convenience and widespread adoption. Attackers are, therefore, not short of potential victims. Even if one target can resist attackers' attempts, it is relatively easy to find another. The thing is, these attacks are incredibly efficient at exploiting people's trust and capitalizing on human vulnerability. That makes anyone susceptible to falling victim, even tech-savvy individuals.
The consequences of keeping the status quo
Einstein once famously said that insanity is doing the same thing over and over and expecting different results. With threat actors riding high on the wave of success that social engineering tactics are delivering for them, there are far-reaching consequences from sticking with tried and tested reactive measures. The fundamental question is how brands intend to protect customers in the face of things like account takeover, financial loss, and identity theft. And where can they turn?
While existing solutions around social engineering tend to place the burden of prevention solely on user vigilance, users increasingly expect app developers to build safeguards directly into their apps. Without this, sophisticated malware and convincing social engineering tactics render even the most cautious users vulnerable.
Leveraging real-time defense
The need of the day is to provide real-time defense mechanisms that detect, block, and intervene robustly as soon as anomalous activity occurs. This lies at the heart of what it means to break the current cycle of social engineering attacks, i.e., stepping in to defend users in time to nip an attack in the bud. Ultimately, when an attacker contacts a mobile app user, there is nothing standing in their way. The more convincing the attacker, the more likely the user is to fall for the scam. So, turning the tables on threat actors requires a shift that encompasses:
• Voice Phishing (Vishing) Fraud Detection: Utilizing behavioural analysis to identify suspicious activity coinciding with potentially malicious phone calls, while the app is being used. This feature detects and prevents voice phishing attacks (vishing), where attackers use phone calls to deceive users into disclosing sensitive information or performing unauthorized actions.
• Remote Desktop Control Detection: Identifies third-party applications used in social engineering attacks to remotely take control of mobile devices and applications maliciously. By monitoring for unauthorized remote access attempts, this feature prevents attackers from gaining control over users’ devices and executing malicious actions.
• Facial Recognition Bypass Detection: Prevents attackers from circumventing biometric security measures (such as FaceID) and gaining unauthorized access to users’ accounts or sensitive information.
• SIM Swapping Detection: Detects and prevents SIM swapping attacks, where attackers fraudulently transfer a legitimate user’s phone number to a SIM card or eSIM under the attacker’s control, which may allow MFA bypass, creation of fraudulent accounts, account takeovers, and even identity theft.
• Admin-SU Profiles Detection: Identifies the presence of management profiles (MDM profiles) installed on devices, which compromise user privacy and may allow attackers to take control of user devices and accounts.
• Trojan/Fake App Prevention: Prevents mobile users from unknowingly installing malicious apps (Trojans, malware, etc.) that can compromise their devices and steal sensitive information.
Moreover, the solution must enable mobile brands to implement mobile app defense features directly inside their CI/CD pipeline, without the need for coding, SDKs, servers, or developer involvement.
In a landscape where mobile app security is paramount, outpacing attackers hinges on leveraging real-time detection and intervention capabilities. This not only safeguards user trust and brand reputation but also ensures business continuity in the face of evolving threats.
Jan Sysmans
Jan Sysmans is Mobile App Security Evangelist at Appdome.