Mobile Phishing Attacks Now Focusing on Malware Delivery

Cybercriminals behind mobile phishing attacks have now changed their tactics while targeting pharmaceutical companies. Now, they are more focused on malware delivery instead of credential theft. Additionally, they are looking for critical research data related to COVID-19 vaccine from pharmaceutical companies.

What’s happening?

Since the onset of the COVID-19 pandemic, most of the pharmaceutical companies’ employees are working from home, and that’s where cybercriminals found an opportunity to strike. They are targeting smartphones and tablets used by their employees.
  • New research disclosed that in the third quarter of 2020, around 77% of mobile phishing attacks on pharmaceutical organizations were intended for delivering malware.
  • In addition, 35% of the phishing attacks tried to steal credentials. Now, cybercriminals are using credential theft and malware delivery attacks together with a single phishing link. 
  • In early-2020, when COVID-19 was spreading globally, a spike was seen in pharmaceutical mobile phishing attacks, from 7.06% in Q4 2019 to 15.26% in Q1 2020.
  • The reason for targeting mobile devices is that a well-crafted attack is very hard to spot on mobile devices. Mobile has smaller screens, simple user interface, and people exercise less caution when it comes to mobile.

Recent incidents

Phishing attacks delivering malware have become common among cybercriminals and used very frequently for various malicious purposes. 
  • Recently, Qbot botnet was seen leveraging U.S. election-themed phishing emails to infect victims with malicious payloads, and harvest user data and emails.
  • In addition, Wroba trojan was observed targeting smartphone users located in the U.S. with a smishing attack.


Cybercriminals are targeting devices such as smartphones to deliver malware via phishing attacks. Thus, experts suggest having an up-to-date operating system, a reliable anti-malware application, and providing training to employees working from home to identify such phishing attacks.

Cyware Publisher