Social networks are more dangerous than porn sites; more than one in five harmful links are to be found on Facebook and similar sites, an IT security firm suggests.
Cybercriminals are increasingly exploiting the fact that people spend a great deal of time on social networking sites, such as Facebook. The scam is a simple one: attackers place harmful links in targeted places on Facebook and similar sites, with the aim of luring users to contaminated websites. According to statistics provided by Kaspersky Lab, more than one in five harmful links are to be found on social networking sites. The IT firm says that cybercriminals use a range of methods to lure victims to harmful websites. As well as manipulated search results, spam in social networks was a major problem in 2011. Some 21 per cent of all harmful links were discovered by Kaspersky Lab’s staff on social networking sites, with Facebook and its Russian clone, VKontakte, leading the way. In comparison, just 14pc of harmful links were found on X-rated sites.
Spam
Thanks to the disabling of major botnets, the volume of spam was greatly reduced in 2011. This is, however, by no means the end of the matter. While the volume of spam is declining, the number of emails containing harmful attachments or links is on the increase. In addition, phishing attacks are becoming more professional. The unyielding fight against botnets is now working; spam has been reduced to around 80pc of the total email traffic, continuing the strong downward trend established in 2009. The percentage of phishing emails has also considerably decreased. In 2011, Kaspersky Lab identified just 0.02pc of the total email volume as phishing – a 15-fold reduction. The spam problem has not, however, been resolved. More and more emails now contain either harmful file attachments or links, with 2011 bringing a 70pc increase in such messages. Although the volume of spam was reduced in 2011, the messages themselves became more dangerous. Spam emails containing harmful attachments or links made up 3.8pc of the total email traffic. In such cases, attackers attempted to trick their potential victims into opening the file attachments or clicking on the links. In order to do this, 2011’s spammers used well-known ruses, including disguising their messages as official bank notices or promising sensational content, such as videos or pictures of celebrity deaths. The topic of phishing is also one that cannot be dismissed. While the number of phishing mails has been considerably reduced, Kaspersky Lab says that it is seeing a trend towards more targeted phishing attacks. Rather than sending mass emails, professional phishing attackers are focusing on small, selected groups. This technique, known as “spear phishing”, has the same aims as regular phishing, but is generally carried out in a much more professional manner. Its perpetrators create official-looking registration forms or websites, and even address their victims by name.
