Sophos, Websense reveal malware trends
When Bill Gates declared in 2004 that spam would be a thing of the past within five years, few believed his claim. Now two new reports, from security vendors Sophos and Websense, have revealed that spam is still causing massive problems for businesses and consumers.
The Sophos report examined the latest trends in spam during the final quarter of 2008 and found that spammers are veering away from more traditional spam techniques and becoming much more creative in their approach.
The findings of this report echoes McAfee’s 2009 Threat Prediction Report, which suggest cyber criminals would start using the cloud as their primary malware delivery vehicle.
Sophos indicated that during Q4 2008, spam took on a more malicious design, aiming to infect users’ computers via sophisticated malware attachments or a link to malicious or infected websites, in order to steal sensitive information.
Graham Cluley, senior technology consultant at Sophos, said: “The rumours of spam’s death have been greatly exaggerated over the years – the threat remains alive and kicking despite increased legal action against spammers, the occasional takedown of internet companies which assist the cybercriminals, and constantly improving anti-spam software.”
Cluley also said that spammers are increasingly turning to social networking sites to spread malware and launch attacks.
“Spammers really took to using sites like Facebook and Twitter as a vehicle for their spam antics during the last three months of 2008. Cybercriminals have cottoned onto the fact that social networking users can be more easily fooled into clicking on a link that appears to have come from a trusted Facebook friend, than if it arrived as an unsolicited email in their inbox.”
“The notorious Nigerian 419 scammers have even evolved, masquerading as Facebook friends in order to trick unwary users into parting with valuable sensitive and financial information.”
Websense’s State of Internet Security, Q3-Q4 2008 revealed many similar trends.
The explosion in use of social networking sites such as Facebook and Flickr, as well as other Web 2.0 ventures, has not been limited to consumers. Enterprises are jumping on the bandwagon and using Web 2.0 to develop closer relationships with clients.
Employees using social networking in their daily lives are now expecting to be able to use it at work as well. Websense noted that the rise in use of Twitter as a enterprise tool has been mirrored by the rise of it being used for malicious purposes.
The report noted that many organisations lack adequate security technologies and practices to enable safe Web 2.0 use to protect from data loss and malicious attacks.
Dan Hubbard, Websense chief technology officer, said: “We’re seeing an increase in cybercriminals taking advantage of the growing number of Web 2.0 properties that allow user generated content. More than ever we’re seeing attackers inject web sites with links and iFrames to direct users to malicious and compromised sites with the ultimate purpose of stealing data.”
Websense’s report also discovered that 70% of the top 100 most popular web sites either hosted malicious content or contained a masked redirect, which aimed to lure users to a malicious site from a legitimate one.
Websense Security Labs also reported that 90% of all unwanted emails in circulation in the second half of 2008 contained links to spam sites and/or malicious web sites.
Hubbard added: “In the last six months criminals have really stepped up their game in a few notable areas. Spammers are increasingly using links to malicious web sites and spam sites in their email campaigns to lure users and evade security systems that lack web intelligence.”
Both reports indicated that the trends would continue throughout 2009. Cluley said: “Ultimately while users are still falling for these scams, the fraudsters will continue. And while the authorities are making great progress, everyone must take steps to ensure they don’t fall victim.”