• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
Craig Hays

Craig Hays

  • Cybersecurity
  • Principles
  • Newsletter
  • Learn Cyber Security
    • Hacking and Defending User Accounts
    • Learning Guides
  • Contact
  • Show Search
Hide Search
You are here: Home / Archives for mobile security

mobile security

Why More Than Half of Email Phishing Leaks Happen on Mobile Devices

June 22, 2020 By Craig Hays Leave a Comment

Reading Time: 5 minutes

Over 60 percent of people who are phished by email are phished on mobile devices. This is why it happens and what you can do about it.

mobile phishing
Photo by Rasheed Kemy on Unsplash

Why Mobile Devices are More Prone to Phishing

I’ve sent a lot of phishing emails. All with good intentions I must add. While reviewing the results, one of the most surprising things that I discovered was that the majority of people who fall for phishing tests (and therefore real phishing attacks) are using mobile devices. In my experience, 60% of those who are successfully deceived are victims of mobile phishing.

These are my conclusions as to why this is true and recommendations on what we can do to help people stay safe online.

[Read more…] about Why More Than Half of Email Phishing Leaks Happen on Mobile Devices

Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition)

February 9, 2018 By Craig Hays 1 Comment

Reading Time: 6 minutes

If you read through the disclosed bug bounty reports on platforms such as hackerone.com it is clear that most bug bounty hunters are targeting web applications and neglecting the mobile application landscape. This is an opportunity that you can take advantage of.

Android app bug bounty
Photo by LOLIONI on Unsplash

I’ve had a lot of success recently looking at mobile apps, specifically android applications. After searching online for decent training material I stumbled upon the Udemy course Android Application Penetration Testing which has proven invaluable. (Disclaimer, I get no financial gain or anything else out of linking to this course, other than more competition in the android bug bounty space.) 4.5 hours of training at 2x regular playback speed and you’re in a good starting position.

Just like web applications, you can find the OWASP Mobile Top 10 very useful for identifying vulnerabilities to look for. My personal favourites are:

[Read more…] about Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition)

Primary Sidebar

Newsletter

Want to get smarter about cyber security? Join my growing list of newsletter readers for exclusive news, reviews, how-tos, and more.

· © Craig Hays, 2006–2023 ·

  • Phishing