AUT-9 · Mobile Threat Catalogue

Phishing attack via e-mails that link to malicious applications or websites that capture credentials


Threat Category: Authentication: User or Device to Remote Service


Threat Description:

Threat Origin

Phishing Defenses for Webmail Providers [1]

Exploit Examples

Your Account PayPal Has Been Limited Phishing Scam [2]

CVE Examples

Not Applicable

Possible Countermeasures


Ensure corporate e-mail policy is configured to scan for suspicious files, executables, or attachments, and segregate such emails to increase end-user awareness of their potential to contain malicious content.

Deploy email and web proxy services that will examine URL resources for malicious content, and if any is found, prevent delivery of the message to the intended recipient.

Deploy email filtering tools or services that will automatically remove detected URLs from the body of emails from untrusted domains.

Educate end users on how to recognize phishing attempts and increase their awareness of techniques to browse safely from mobile devices, such as tap-and-hold on a hyperlink to examine its associated URL.


  1. R. Graves, Phishing Defenses for Webmail Providers, white paper, SANS Institute, 2013; [accessed 8/25/2016]

  2. C. Boyd, “‘Your Account PayPal Has Been Limited’ Phishing Scam”, blog, 8 May 2015; [accessed 8/25/2016]