Social engineering attacks exploit brand trust by using impersonation and psychological manipulation to cause mobile users to divulge sensitive information , such as passwords , OTP keys , and more , perform actions in a mobile app on behalf of the attacker , or install new apps that give the attacker control over the user ’ s mobile device .

Such mobile app attacks can have far-reaching consequences for consumers , including account takeover , financial loss , identity theft , confusion and fear . Traditionally social engineering attacks were only discovered after an attack was successful , leaving mobile brands and users with months of financial , reputational and emotional harm . Now , brands have the power of the first real-time solution to detect and intervene in social engineering attacks the moment they happen , disrupting the multi-billion-dollar social engineering fraud ecosystem .

Brands can now flip a switch to break the cycle of AI-powered social engineering attacks in Android and iOS apps and protect billions of mobile users from fraud and abuse in real time .

The new service enables mobile brands to continuously detect , block and intervene the moment social engineering attacks attempt to exploit user trust or manipulate user behaviour . The new service includes several new real-time defences against voice phishing ( vishing ), remote desktop control , FaceID bypass , fake applications and SIM swapping , all of which protect user safety , brand reputation , business continuity and revenue generation .

“ Social engineering attacks tend to go where users are most vulnerable and , right now , that includes the mobile app and device ,” said Katie Norton , Research Manager of DevSecOps at IDC . “ Mobile brands and their users face serious consequences when social engineering attacks are successful , so organisations need solutions that can help detect and prevent such attacks for their mobile applications .”

“ Mobile brands are taking social engineering attacks seriously ,” said Tom Tovar , Co-creator and CEO of Appdome . “ The rise of AI-powered attacks is escalating the imperative to deliver real-time continuous protection from social engineering and other attacks . To fuel the long-term growth of the mobile app economy , we give brands the technology to detect each attack , maintain their voice and break the cycle of manipulation that sits at the center of social engineering attacks .”

Appdome ’ s Social Engineering Prevention empowers mobile brands to break the cycle of live attacks by detecting and defending in real time the top methods social engineering attackers use to injure brands and users :

• Voice phishing ( Vishing ) fraud : Uses behavioural analysis to detect when mobile end users ’ activity in a mobile app coincides with a potentially malicious phone call , via attacks such as FakeCalls .

• Remote desktop control : Detects third-party applications , such as TeamViewer , used in social engineering attacks to remotely control mobile devices and applications .

• Biometric ( FaceID ) bypass : Detects when an attacker attempts to spoof , fake or bypass biometric ( facial ) recognition in Android and iOS mobile apps , such as in GoldPickaxe .

• SIM swapping : Detects when an attacker uses the mobile application with a replacement SIM card that the attacker controls .

• Admin-SU profiles : Detects if the device has an MDM , admin- SU , or similar profile installed on the device , which could spy or control the user ’ s application .

• Trojan apps : Prevent trojan apps , embedded with malware such as FjordPhantom , used to spy on end-users and gather data for social engineering attacks .

58 WWW . INTELLIGENTCISO . COM