Here’s a good example of a malicious attack that banking customers receive on a regular basis. I received this one because MetaCert is a Silicon Valley Bank customer and apparently customers like us are being targeted with this scam.
Most people worry about clicking the wrong links and submitting their passwords to the wrong sites. Imagine if Microsoft opened web links inside Outlook instead of your browser.
Now imagine if Outlook didn’t display the URL before loading websites. Would that concern you as an end user? Would it concern you as a person responsible for the protection of your corporate data?
That’s what happens when users click on web links inside mobile apps. I don’t really want to name apps that expose you in this way as they’re potential customers of MetaCert and I don’t believe in scare tactics to get noticed.