Phishing Season is still Open

9768200270?profile=RESIZE_400xCybersecurity researchers are warning about a rise in cyber criminals going after mobile devices as a means of gaining entry to networks.  There has been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.

The energy industry is highly critical, providing people with vital services required for everyday use.  That role makes it a prime target for cyber criminals.  That risk was demonstrated earlier in 2021 when the Colonial Pipeline was hit with a ransomware attack, leading to the gasoline shortages across the Eastern US.  Colonial ended up paying cyber criminals almost $4.5 million dollars for a decryption key to restore the network.[1]

It is not only cyber criminals who have an interest in hacking into the networks of energy providers; they are also a top target for nation state-backed hacking groups for whom breaching a network could be a path towards causing significant disruption.  The desire to break into these networks has resulted in a sharp rise in phishing attacks against the energy sector, specifically cyberattacks targeting mobile devices, warns in a recent report by cybersecurity researchers.

According to the report by Lookout, there has been a 161% increase in mobile phishing attacks targeting the energy sector since the second half of 2020.  Attacks targeting energy organizations account for 17% of all mobile attacks globally making it the most targeted sector, ahead of finance, government, pharmaceuticals, and manufacturing.  "The energy industry is directly related to the wellbeing and safety of citizens, globally," said Lookout.  Remote working has increased considerably during the past 18 months.  And while the rise in mobile working has allowed businesses to continue operating, the increase in the use of personal devices and remote working has also boosted security risks according to Lookout, 41% of mobile devices in the energy industry are not managed by employers.

That situation could put users at risk from cyberattacks including phishing and malware that could be used to help gain access to wider networks.  The aim of the attackers is to steal usernames and passwords that could be used to gain access to cloud services and other parts of the network.

Tailoring phishing emails towards mobile devices can make them more difficult to spot because the smaller screen provides fewer opportunities to double check that links in messages are legitimate, while smartphones and tablets might not be secured as comprehensively as laptops and desktop PCs, providing attackers with a useful means of attempting to compromise networks.

"Threat actors know that mobile devices aren't usually secured in the same way as computers. For this reason, mobile phishing has become one of the primary ways threat actors get into corporate infrastructure," said Lookout.  "By launching phishing attacks that mimic the context that the recipient expects, attackers are able to direct a user to a fake webpage that mimics a familiar application login page. Without thinking, the user provides credentials and data has been stolen," they added.

It is likely that cyber criminals will continue to target mobile devices as organizations adopt hybrid working practices, so researchers emphasize the importance of smartphones and tablets being part of the overall cybersecurity strategy, by ensuring that the operating systems they run on are up to date and that they're using software to help protect against phishing, malware and other cyberattacks.  "The majority of attacks start with phishing, and mobile presents a multitude of attack pathways. An anti-phishing solution must block any communication from known phishing sites on mobile devices including SMS, apps, social platforms and email," stresses Lookout.

All organizations should be training their employees to guard against phishing attempts.  For more information on Phishing simulation training, please visit:    

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings


E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance