It's not as though we need more reminders of the security risks mobile devices pose to the enterprise, but according to security vendor Trusteer, mobile users are three times more likely to be the victim of phishing scams than desktop users. 

According to Trusteer's research, based on a review of log files of a number of web servers hosting phishing sites, when mobile users access phishing sites, they are three times more likely to hand over their login data. Why are mobile users so gullible? One possibility is that it is more difficult to detect a phishing site on a mobile device, the company suggests.

Part of the vulnerability for mobile users is simply that they are always connected and inclined to read their email as it arrives, writes Trusteer CEO Mickey Boodaei, in a post on his company's blog. "The first couple of hours in a phishing attack are critical. After that many attacks are blocked by phishing filters or taken down," he writes. "Hence mobile users are more likely to be hit by Phishing just because they're 'always on.'"

In a finding sure to spark pushback, the security researchers found that iPhone users are more gullible than BlackBerry users: Eight times more iPhone users open phishing sites. Trusteer hypothesizes that BlackBerry users, who tend to get their phones from their companies, might be better educated about phishing scams, and they might be better protected via their mail servers.

Boodaei recommends that mobile users never open links in email messages and that they download a secure mobile browser, which Trusteer happens to sell.

For more:
- see Mickey Boodaei's post on the Trusteer blog

Related Articles:
Symantec: Retailers hit hard by malicious email
How to recognize an email that's phishing