Phishing attacks on Android devices have become increasingly sophisticated, exploiting messaging apps, SMS, and notifications to deliver malicious links that lead to credential theft, account hijacking, or device compromise. Kaspersky for Android has introduced a new anti-phishing security layer called Notification Protection, which scans notifications from any app for phishing links and blocks them by replacing the notification with a warning. This complements the existing Safe Messaging layer that blocks dangerous links in SMS and popular messaging apps like WhatsApp, Viber, and Telegram, as well as the Safe Browsing layer that prevents access to malicious websites in browsers such as Google Chrome, Firefox, Samsung Internet, and Huawei Browser. The Notification Protection layer requires users to grant accessibility and notification access permissions, enabling the app to scan notification text for standard URLs. It does not read private messages or detect links hidden by special formatting or anchor text. The solution addresses the growing threat of phishing links delivered via hijacked accounts or zero-click attacks, where simply visiting a malicious URL can compromise a device. The update also advises Telegram users to disable the in-app browser to ensure links are opened in external browsers where Safe Browsing can function effectively. This multi-layered approach creates a robust defense against phishing by intercepting malicious links at multiple points of user interaction on Android devices. The update is available to all Kaspersky Standard, Plus, and Premium subscribers and aims to reduce the risk of phishing-related compromises in mobile environments.

For European organizations, the threat of phishing on Android devices poses significant risks including credential theft, unauthorized access to corporate resources, and potential lateral movement within networks if mobile devices are used for corporate communications or access. The rise of zero-click attacks increases the risk of compromise without user interaction, potentially leading to data breaches or ransomware infections. Organizations with employees using messaging apps like WhatsApp, Telegram, and Viber are particularly vulnerable due to the prevalence of phishing links in these platforms. The enhanced Kaspersky anti-phishing features help mitigate these risks by providing real-time detection and blocking of malicious links across notifications, messages, and browsers. This reduces the likelihood of successful phishing attacks that could lead to account hijacking or device compromise. However, the effectiveness depends on proper configuration and user adherence to security recommendations. Failure to enable all layers or adjust app settings (e.g., Telegram’s in-app browser) may leave gaps in protection. Overall, this threat and its mitigation are critical for maintaining mobile security hygiene and protecting sensitive corporate and personal data within European enterprises.

1. Ensure all Kaspersky for Android anti-phishing layers are enabled: Notification Protection, Safe Messaging, and Safe Browsing. 2. Grant necessary Android permissions including Accessibility and Notification Access to allow comprehensive scanning of notifications and messages. 3. Configure messaging apps, especially Telegram, to open links in external browsers rather than in-app browsers to enable Safe Browsing protections. 4. Educate users on recognizing phishing attempts and the importance of not clicking on suspicious links, even from known contacts. 5. Regularly update Kaspersky for Android to benefit from the latest threat intelligence and security features. 6. Monitor and audit mobile device security policies to ensure compliance with recommended settings. 7. Integrate mobile anti-phishing controls with broader enterprise mobile device management (MDM) solutions for centralized oversight. 8. Encourage use of multi-factor authentication (MFA) on all accounts accessed via mobile devices to limit impact of credential theft. 9. Conduct phishing simulation exercises tailored to mobile phishing scenarios to raise user awareness. 10. Maintain up-to-date incident response plans that include mobile phishing attack vectors.