Connect with us

Hi, what are you looking for?

HEADLINES

Appdome delivers world’s first real-time defense to social engineering attacks on mobile apps

The new service enables mobile brands to continuously detect, block and intervene the moment social engineering attacks attempt to exploit user trust or manipulate user behavior.

Appdome, the mobile economy’s one-stop shop for mobile app defense, unveiled its new Social Engineering Prevention service on the Appdome Platform. The new service enables mobile brands to continuously detect, block and intervene the moment social engineering attacks attempt to exploit user trust or manipulate user behavior. The new service includes several new real-time defenses against voice phishing (vishing), remote desktop control, FaceID bypass, fake applications, and SIM swapping, all of which protect user safety, brand reputation, business continuity, and revenue generation.

“Social engineering attacks tend to go where users are most vulnerable and, right now, that includes the mobile app and device,” said Katie Norton, Research Manager of DevSecOps at IDC. “Mobile brands and their users face serious consequences when social engineering attacks are successful, so organizations need solutions that can help detect and prevent such attacks for their mobile applications.”

Social engineering attacks exploit brand trust by using impersonation and psychological manipulation to cause mobile users to divulge sensitive information, such as passwords, OTP keys, and more, perform actions in a mobile app on behalf of the attacker, or install new apps that give the attacker control over the user’s mobile device. Such mobile app attacks can have far-reaching consequences for consumers, including account takeover, financial loss, identity theft, confusion, and fear. Traditionally social engineering attacks were only discovered after an attack was successful, leaving mobile brands and users with months of financial, reputational, and emotional harm. Now, brands have the power of the first real-time solution to detect and intervene in social engineering attacks the moment they happen, disrupting the multi-billion-dollar social engineering fraud ecosystem.

“Mobile brands are taking social engineering attacks seriously,” said Tom Tovar, co-creator and CEO of Appdome. “The rise of AI-powered attacks is escalating the imperative to deliver real-time continuous protection from social engineering and other attacks. To fuel the long-term growth of the mobile app economy, we give brands the technology to detect each attack, maintain their voice and break the cycle of manipulation that sits at the center of social engineering attacks.”

Advertisement. Scroll to continue reading.

Appdome’s Social Engineering Prevention empowers mobile brands to break the cycle of live attacks by detecting and defending in real time the top methods social engineering attackers use to injure brands and users:

  • Voice Phishing (Vishing) Fraud: Uses behavioral analysis to detect when mobile end users’ activity in a mobile app coincides with a potentially malicious phone call, via attacks such as FakeCalls.
  • Remote Desktop Control: Detects third-party applications, such as TeamViewer, used in social engineering attacks to remotely control mobile devices and applications.
  • Biometric (FaceID) Bypass: Detects when an attacker attempts to spoof, fake or bypass biometric (facial) recognition in Android and iOS mobile apps, such as in GoldPickaxe. 
  • SIM Swapping: Detects when an attacker uses the mobile application with a replacement SIM card that the attacker controls.
  • Admin-SU Profiles: Detects if the device has an MDM, admin-SU, or similar profile installed on the device, which could spy or control the user’s application.
  • Trojan Apps: Prevent trojan apps, embedded with Malware such as FjordPhantom, used to spy on end users and gather data for social engineering attacks.

The new Social Engineering Prevention features can be deployed stand-alone or combined with any or all of Appdome’s 300+ other mobile app security, anti-fraud, anti-malware, geolocation compliance and other defenses. Together, Appdome makes it easy for mobile brands to unify mobile app defenses vs. the cost and complexity of cobbling together several disparate technologies to attempt to achieve a workable defense.

Like all of Appdome’s mobile app defenses, the new social engineering prevention features are available in several enforcement modes – in-app defense, in-app detection, and using Appdome’s Threat-Events™ in-app control framework. Threat-Events allows mobile brands to gather data on each attack, control the user experience and create beautiful on-brand mobile experiences when attacks happen. Mobile brands can use Threat-Events to leverage the power of their brand voice to break the cycle of a social engineering attack by restricting transactions, triggering SMS check-ins or educating users with in-app popups when threats are present. Mobile brands can track and monitor social engineering attacks via Appdome’s ThreatScope™ Mobile XDR, either before or after the deployment of social engineering prevention features.

“To win, you have to break the cycle of a social engineering attack as it happens,” said Chris Roeckl, chief product officer at Appdome. “Appdome’s Social Engineering Prevention service does just that – first we stop the technical means of application or device control the attackers use, and second, we provide telemetry and intelligence to the mobile app, giving the mobile brand the power to intervene, e.g. ‘Are you okay?’ when a threat is present.”

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Kaspersky has been at the forefront of raising awareness about cybercrimes and empowering individuals and organizations to protect themselves.

HEADLINES

“We remind our customers to carefully inspect URLs before opening them. Criminals often use spellings very close to legitimate domains to deceive customers into...

HEADLINES

For the Philippines, PH-CERT and NADPOP estimate that the country needs 180,000 trained and validated cybersecurity professionals to proactively and effectively protect the country’s...

White Papers

46% of geo-distributed companies encountered network problems between one and three times per month, while 13% stated they experienced network challenges every week. The...

HEADLINES

“Data is the new oil. Cyber criminals steal personal information to defraud you or use your identity to victimize people close to you. Guard...

White Papers

According to the report, among organizations surveyed, 97% of those hit by ransomware over the past year engaged with law enforcement and/or official government...

HEADLINES

This development marks a major step forward in Globe's long-standing #PlayItRight advocacy to help promote and protect the country’s ₱1.6-trillion creative industry from the...

HEADLINES

Spoofing is a technique where fraudsters impersonate SMS channels to deceive recipients. The practice has seen a marked rise, especially in Metro Manila, with...

Advertisement