WhatsApp, Slack, Teams, and other messaging platforms face constant security risks

42% of businesses report employees with BYOD devices in business settings that use tools like WhatsApp have led to new security incidents, according to SafeGuard Cyber.

Messaging platforms like WhatsApp, Telegram, Slack, and Teams face constant threats, emphasizing the need for robust protection. 66% of threat indicators are found in transient messages associated with these cloud-based collaboration tools.

WhatsApp is gaining popularity for enterprise communication, but not without risk. Of the messages flagged for security or compliance risks, 42% occurred in WhatsApp, 24% in Telegram, 17% in Slack and 17% in Teams.

Popular messaging apps are commonly used to carry through social engineering attacks. Of the messages flagged, 42% are trigger impersonation warnings.

Employees are sending files in breach of regulatory compliance laws

Of the messages flagged, 23% include attachments that are flagged as potentially sensitive and in breach of regulatory compliance laws.

Today’s threat landscape is multilingual, and cyber criminals will target victims wherever they are. For global companies that operate in multiple markets and multiple languages, the threat is very clear. Of the messages flagged on WhatsApp, 24% are in a language other than English.

“Clearly, there is an evident shift away from traditional email for business communication. Employees have carried over the use of popular messaging apps like WhatsApp and Telegram from their personal lives to conduct business. Although beneficial for productivity, our data indicates that the rise of these apps means new entry points for bad threat actors,” said Chris Lehman, CEO, SafeGuard Cyber.

Employees embrace cloud-based collaboration tools for customer engagement

According to report findings, employees monitored on the SafeGuard Cyber platform that use WhatsApp for customer engagement averaged 200 mobile messages per day.

Further, data shows that customers are more likely to engage with content via WhatsApp than any other platform:

• 15 minutes is the average time to view messages
• More than 30% of messages in WhatsApp are opened in less than 5 minutes after receipt
• More than 85% of content messages are viewed/opened in the first hour

These numbers validate an employee’s decision to use a cloud-based tool for customer communication, yet many enterprises lack effective security measures to monitor these instances.

Continued Lehman, “Enterprises need to adjust security strategies that will complement human behavioral patterns. As easy as it is for an employee to engage a customer through WhatsApp, a hacker can carry out a simple phishing attack in hopes of tricking a user into revealing sensitive information. The answer here is through unified visibility and contextual analysis.”

The proliferation of cloud-based collaboration tools and the new personal/business crossover has created the newest attack category, Business Communication Compromise. Cloud-based apps and tools have become a staple in business, and yet humans remain the greatest threat to the enterprise – whether intentionally or accidentally.

Bad threat actors target the full range of collaboration tools to exploit login credentials, financial reports and other proprietary data.

Organizations must fortify their defenses to protect critical data and operations; much of this relies on gathering greater visibility over business communication channels. With the help of machine learning (ML) and artificial intelligence (AI), enterprises can understand the full breadth of biz comms.

ML and AI tools can reveal the context and intent of language-based attacks across collaboration channels.