Analysis of more than 220 million devices reveals surprising trends in mobile cybersecurity, according to a detailed Lookout Q3 2024 Mobile Threat Report. If iPhones are more affected by certain attacks, this does not fundamentally call into question their reputation for security.
Overexposure of iOS devices to phishing attacks
The figures speak for themselves: 19% of iOS devices in the workplace were exposed to at least one phishing attempt during the first three quarters of 2024, compared to 10.9% for Android devices. This difference is largely explained by the strong presence of iPhones in the workplace – the report indicates that iOS devices outnumber Android devices more than twice as many in the professional environment.
The report notes a concerning 17% increase in credential theft and phishing attempts specifically targeting businesses compared to the previous quarter. Attackers now favor more targeted approaches rather than massive indiscriminate campaigns.
An ecosystem that remains generally more secure
Despite these statistics, it is important to qualify these results. iOS’s closed architecture and strict security controls continue to provide robust protection against malware and other advanced threats. The report also highlights that the majority of malware detected (such as BnkRat, SpySolr, ValadSpy) mainly targets the Android platform.
Researchers have identified 473 million phishing sites since 2019, with a notable increase in the sophistication of attacks. Cybercriminals are increasingly using executive impersonation and creating emergencies to manipulate employees, a technique that works independently of the operating system.
Evolving threats and future challenges
The emergence of AI and language models poses new challenges for mobile cybersecurity. Attackers can now automate and personalize their phishing attempts at scale, making them more credible and therefore more dangerous.
The situation could change in Europe with the forced opening of the iOS ecosystem to sideloading. While Apple warns of potential risks, its ecosystem maintains solid built-in protections, notably through regular updates and an application validation process that remains rigorous, even in the context of new European regulations. Indeed, Apple continues to validate all applications, including those installed outside the App Store.
This study reminds us that good security relies above all on user vigilance and keeping systems up to date, regardless of the device used. iPhones maintain their overall security advantage, although users should remain alert to phishing attempts that specifically target them.
