iPhones more affected than Android smartphones by a certain kind of cyberattack

[Redaktion]

Cybersecurity company Lookout Incorporated has just published the latest version of its Mobile Threat Report. According to the report, attackers are increasingly turning to phishing to gain access to sensitive data. End devices from a particular manufacturer are particularly affected.

https://www.notebookcheck.net/iPhones-more-affected-than-Android-smartphones-by-a-certain-kind-of-cyberattack.941008.0.html

[GeorgeS]

I'm sorry but this story makes little to no logical sense. While the clickbait quote:

"The latest Mobile Threat Report states that in the first three quarters of 2024, 19% of all Apple devices used in companies fell victim to phishing." along with the Android stats "10.9% of all Android smartphones were subject to phishing" does make one seem to believe that users with iOS devices fell prey to the phishing more than Android users.

However the above statements lack context as we don't know the populations of iOS devices & Android devices but only the 220 million total devices.

The story goes on to mention "malicious apps" which would imply that Apple HOST's such apps (which it very carefully curates) and then claims "one of the main problems is the use of outdated operating systems that are no longer supplied with the latest security updates and thus have vulnerable security gaps" both of which also lacks context.

While support for many Android devices might be a 'crap shoot' Apple is STILL supporting their iPhone10. Until recently iOS devices could get applications ONLY from the Apple APP-Store however Android devices have long been able to install applications from anywhere, the 'Play Store' is often wrote to have countless "malicious apps" available for installing.

Even the story summary is a false conclusion:
"In sum, only when IT infrastructure is kept up to date and is equipped with comprehensive security measures does it provide the greatest possible protection."

The above should read: No matter what security measures are implemented they are no match for the weak link found placed between a chair & keyboard.

[A]

I'm sorry but this story makes little to no logical sense. While the clickbait quote:

There are many things that play into why iOS tend to be more vulnerable.

1. For outdated devices, Apple requires OS upgrades to get newer browser versions. That means that if you don't get a major version upgrade, you are stuck with an older browser (and all apps using the safari web view). In comparison, Android decouples the browser from the OS. So even your 10 year old phone still gets browser updates

2. Apple convincing users and devs to blindly trust them, thus people assume that they can do poor practices because somehow Apple "wouldn't allow it".

"The latest Mobile Threat Report states that in the first three quarters of 2024, 19% of all Apple devices used in companies fell victim to phishing." along with the Android stats "10.9% of all Android smartphones were subject to phishing" does make one seem to believe that users with iOS devices fell prey to the phishing more than Android users.

However the above statements lack context as we don't know the populations of iOS devices & Android devices but only the 220 million total devices.


Also, article content can't be clickbait, headlines to make you click the article is clickbait.

The statistic doesn't care about how many users are ios or android, it cares about probability.

The story goes on to mention "malicious apps" which would imply that Apple HOST's such apps (which it very carefully curates) and then claims "one of the main problems is the use of outdated operating systems that are no longer supplied with the latest security updates and thus have vulnerable security gaps" both of which also lacks context.

Malicious apps are ONE of the ways you can be exploited, not the only way.

And you can easily get a malicious app onto Apple's store, they mostly just care about if you are violating their policy or not (as long as you pass their automated scanners). That said, I will note that enterprise can also sideload apps.

Google play in comparison scans even existing apps that are gotten outside of the store.

In enterprise, upgrades are pushed by policy. So it is possible for upgrades to be delayed.

While in android, security upgrades are independent of version upgrades. So it is much easier to push a security upgrade on Android where as for iOS you have to evaluate every major upgrade.

[mixedfish]

Apple devices have never been more secure than anything else it's a myth brought about confirmation bias of it hasn't happened then it must be good, Apple themselves have more than happy to reinforce the like by releasing baseless marketing.

[CuriousDragon]

I'm sorry but this story makes little to no logical sense. While the clickbait quote:

There are many things that play into why iOS tend to be more vulnerable.

1. For outdated devices, Apple requires OS upgrades to get newer browser versions. That means that if you don't get a major version upgrade, you are stuck with an older browser (and all apps using the safari web view). In comparison, Android decouples the browser from the OS. So even your 10 year old phone still gets browser updates

2. Apple convincing users and devs to blindly trust them, thus people assume that they can do poor practices because somehow Apple "wouldn't allow it".

"The latest Mobile Threat Report states that in the first three quarters of 2024, 19% of all Apple devices used in companies fell victim to phishing." along with the Android stats "10.9% of all Android smartphones were subject to phishing" does make one seem to believe that users with iOS devices fell prey to the phishing more than Android users.

However the above statements lack context as we don't know the populations of iOS devices & Android devices but only the 220 million total devices.


Also, article content can't be clickbait, headlines to make you click the article is clickbait.

The statistic doesn't care about how many users are ios or android, it cares about probability.

The story goes on to mention "malicious apps" which would imply that Apple HOST's such apps (which it very carefully curates) and then claims "one of the main problems is the use of outdated operating systems that are no longer supplied with the latest security updates and thus have vulnerable security gaps" both of which also lacks context.

Malicious apps are ONE of the ways you can be exploited, not the only way.

And you can easily get a malicious app onto Apple's store, they mostly just care about if you are violating their policy or not (as long as you pass their automated scanners). That said, I will note that enterprise can also sideload apps.

Google play in comparison scans even existing apps that are gotten outside of the store.

In enterprise, upgrades are pushed by policy. So it is possible for upgrades to be delayed.

While in android, security upgrades are independent of version upgrades. So it is much easier to push a security upgrade on Android where as for iOS you have to evaluate every major upgrade.

Let me make it easier for you, what is programmed can be reprogrammed, what is coded is decoded. Nothing is secure and besides the Apples , Googles and MS are the biggest stealer and tracker of your privacy and activates passing it on the Uncle Sam and its affiliates. And when you have solid knowledge of Networks, it is a different ball game. All the devices sucks

[GeorgeS]

I'm sorry but this story makes little to no logical sense. While the clickbait quote:

There are many things that play into why iOS tend to be more vulnerable.

1. For outdated devices, Apple requires OS upgrades to get newer browser versions. That means that if you don't get a major version upgrade, you are stuck with an older browser (and all apps using the safari web view). In comparison, Android decouples the browser from the OS. So even your 10 year old phone still gets browser updates

2. Apple convincing users and devs to blindly trust them, thus people assume that they can do poor practices because somehow Apple "wouldn't allow it".

"The latest Mobile Threat Report states that in the first three quarters of 2024, 19% of all Apple devices used in companies fell victim to phishing." along with the Android stats "10.9% of all Android smartphones were subject to phishing" does make one seem to believe that users with iOS devices fell prey to the phishing more than Android users.

However the above statements lack context as we don't know the populations of iOS devices & Android devices but only the 220 million total devices.


Also, article content can't be clickbait, headlines to make you click the article is clickbait.

The statistic doesn't care about how many users are ios or android, it cares about probability.

The story goes on to mention "malicious apps" which would imply that Apple HOST's such apps (which it very carefully curates) and then claims "one of the main problems is the use of outdated operating systems that are no longer supplied with the latest security updates and thus have vulnerable security gaps" both of which also lacks context.

Malicious apps are ONE of the ways you can be exploited, not the only way.

And you can easily get a malicious app onto Apple's store, they mostly just care about if you are violating their policy or not (as long as you pass their automated scanners). That said, I will note that enterprise can also sideload apps.

Google play in comparison scans even existing apps that are gotten outside of the store.

In enterprise, upgrades are pushed by policy. So it is possible for upgrades to be delayed.

While in android, security upgrades are independent of version upgrades. So it is much easier to push a security upgrade on Android where as for iOS you have to evaluate every major upgrade.

Let me make it easier for you, what is programmed can be reprogrammed, what is coded is decoded. Nothing is secure and besides the Apples , Googles and MS are the biggest stealer and tracker of your privacy and activates passing it on the Uncle Sam and its affiliates. And when you have solid knowledge of Networks, it is a different ball game. All the devices sucks

While they ALL "suck" what they are saying is that there are more users with iOS devices OLDER than the iPhone10 that no longer get updates that fall for the phishing scams then Android users.

After all the REAL problem rests on the USER - not on how updated or not the Browser and underlying OS is.

I'd bet that current Android, iOS and even WIN OS's have EQUAL vulnerability here.

I won't go into the IT departments that allows insecure mobile devices on their LAN to exist...

[GeorgeS]

For those that are wondering: "The iPhone X, also known as the iPhone 10, was released on November 3, 2017. It was available for pre-order on October 27, 2017"

Ok, gee if you are still using an iPhone9 in 2024-2025 you MIGHT be vulnerable?

While MOST folks upgrade/toss their phones every 18-25months the iPhoneX(10) was 7 years old October 2024!

Frankly, I'd LOVE to hear/see news articles about all the malware to be found in the Apple App Store as well as the (seemingly countless!) articles about iOS devices being HACKED and infecting the LAN's they are attached to.

Oh wait - you must mean Android devices right? LOL!!

Forgetting the primary problem is the USER themselves next in line is the carrier's. Why can anyone send a text message to any phone number they wish?

Back in the early 90's email servers had a 'break through' with a simple 'reverse lookup' for incoming SPAM stopping it in its tracks!! (the From domain in the email needed to line up with the IP addresses for that domain)

However in 2025 iPhones can only 'filter' incoming calls & texts to 'unknown sender' folders rather than not getting them delivered to the phone/device at all in the first place. :(

As mentioned earlier, which/what "IT Professional" in their right minds allows unmanaged & unprotected devices on their LAN in the first place?

[RobertJasiek]

While MOST folks upgrade/toss their phones every 18-25months the iPhoneX(10) was 7 years old October 2024!

1) If you mean smartphones, do not write "phones"! (I keep my land line phones 15 ~ 25 years.)

2) What is your evidence for most people (world-wide?!) changing the smartphones every 18-25 months? (I would not be surprised if the contrary should be true.)

3) 7 years is not impressive at all.

[GeorgeS]

While MOST folks upgrade/toss their phones every 18-25months the iPhoneX(10) was 7 years old October 2024!

1) If you mean smartphones, do not write "phones"! (I keep my land line phones 15 ~ 25 years.)

2) What is your evidence for most people (world-wide?!) changing the smartphones every 18-25 months? (I would not be surprised if the contrary should be true.)

3) 7 years is not impressive at all.

1) In MOST markets in the modern world, you simply CAN'T get anything BUT a "smart phone" anymore. (besides this whole string is ABOUT smart phones, not your land line)

2) In the western world at least, the CARRIERS push their users to new smart phones to help lock them into contracts. <2yrs if not 18mos is very normal. Many of the carriers offer them FREE.

3) Given that many/most 'Android' devices get ZERO updates at all (unless it is a 'flag ship' model) 7yrs MIGHT be impressive (if we compare it to other consumer items), however given that most would of long ago replaced their device anyway (the battery in a smart phone is usually good for 3-5yrs of charge/discharge cycles and iPhones don't have user replaceable batteries - the solution is get a new phone)

Users in the western world are fairly drunk on the capitalism Kool-aid that anything but the latest and greatest is: to slow, outdated, unusable, obsolete junk and needs to be replaced ASAP.

Funny stuff.

[RobertJasiek]

1) In MOST markets in the modern world, you simply CAN'T get anything BUT a "smart phone" anymore.

In Germany, it is very easy to buy a mobile dumb phone and easy to buy a wireless land line phone. Therefore, I expect a similar situation in other EU / EFTA / UK. (I do not know about USA / Canada.)

2) In the western world at least, the CARRIERS push their users to new smart phones to help lock them into contracts. <2yrs if not 18mos is very normal. Many of the carriers offer them FREE.

Maybe this is so in the USA. E.g., in Germany, the endusers have free choice whether to buy smartphones and contracts (can also be prepaid) separately.

3) Given that many/most 'Android' devices get ZERO updates at all (unless it is a 'flag ship' model) 7yrs MIGHT be impressive

Hehe, the most unfortunately indeed.

Users in the western world are fairly drunk on the capitalism

Quite a few users. Similar in China and South Korean. (Unsure about Japan.) However, things are changing gradually.