McAfee kicked off 2009 by releasing two reports that consumers should be keenly interested in reading: 2009 Threat Predictions and the January 2009 Spam Report. These reports highlight the key trends in cybercrime and reveal how we expect online criminals will take advantage of people during these tough economic times while trying to evade security software.
As the recession continues and unemployment rises, we foresee the top cybercrime trend for 2009 as the continued exploitation of the financial crisis to scam people with fake financial transaction services, bogus investment firms and fraudulent legal services.
A related trend will be cybercriminals targeting people looking to advance or change their careers through further education. McAfee Labs researchers have seen major spikes in diploma and advanced schooling scams that have coincided with major corporate workforce reductions in the car manufacturing, chemical and technology industries.
Our Threat Predictions/Trends for 2009:
- Threats on Social Networking Sites - Cybercriminals no longer deliver threats only via spam. They are taking advantage of Facebook, MySpace and other popular social networking sites. McAfee expects this trend to continue throughout 2009, eventually displacing more traditional ways of malware distribution like email.
- Personalized Threats Speak Your Language - McAfee expects to see the continued expansion of malware in languages other than English. Cybercriminals have come to realize that by diversifying into a global market they can access even larger pools of valuable identity and confidential information.
- Malware Targets Consumer Devices - McAfee expects increased attacks involving USB sticks and flash-memory devices used in cameras, picture frames and other consumer electronics. This trend will continue due to the almost unregulated use of flash storage across enterprise environments as well as its popularity among consumers.
- Security Software Scams - The malware underworld is using mainstream practices in an effort to "sell" security software that is either misleading or outright fraudulent. McAfee expects this trend to continue.
- Pharmacy Spam - Pills remain a big part of global spam. Enhancing your love life through chemical additives is huge business. Spam selling low-cost drugs from other countries can even arrive pretending to be other types of spam, with subjects and content associated with fake news, Internet dating, casual communications and stock reports all linking to pharmacy websites. Pharmacy spam is a monster and is certainly not looking to disappear anytime soon. (See the screenshot below of an inbox stuffed with “Pharmacy Spam.”)
- Abusing Free Webhosting/Blogging Services - Websites like Geocities, Blogspot and Live.com allow anyone to create a public website for free, without the authentication necessary when purchasing a domain name for a website. This gives spammers the opportunity to run their underground business with minimal expenditure of resources.
Spam that links to sites hosted on do-it-yourself social website hosting providers arrives at its destination with far greater frequency than spam with links pointing to domain names assigned by legitimate registrars. With little to no threat of punishment for their hosted content, and the new restrictions on short-term domain tasting, the attractiveness of free bandwidth offered by these sites will undoubtedly draw greater focus from malicious parties.
- More Targeted Phishing and Corporate Blackmailing - Botnets, a.k.a. zombie computers, that spread into corporate networks and financial datacenters will increasingly be used to gather sensitive information that can be used for blackmail or sold on the underground market.
- Browser-based Attacks - Cybercriminals will increasingly attack via web browsers, as they are the least protected and, therefore, the easiest way to transfer malware.
- Security Breaches of Confidential Data - Information that is managed by partner and subsidiary companies of bigger companies will be exposed more frequently, forcing an overhaul of data security practices.
- An Increase in Localized Phishing Campaigns - Online scammers will increasingly target specific communities, especially on college campuses, where professional-looking emails claiming to be associated with the school's financial or scholarship department will be blasted to all the students at the school. This is a significant danger to people who are just becoming responsible for their own finances.
- More Scams Involving Home Businesses - "Legitimate" home business scams generally involve either a pay-up-front, do-it-yourself kit or a pay-to-play shell game of training and certification. We'll see more of it on television, and the same infrastructure that supports diploma spam and confidence fraud will adjust to the new unemployment reality and will offer people some new bait on the old check-cashing scam.
- Increase in Forging and Abuse of Free Email Services - Free email services have started to allow accounts to send mail with arbitrary “from” addresses. This has significantly increased the usability of these services for businesses, but has also increased the “abusability” by spammers.
- McColo: The Effects of a Takedown - Spam traffic took a tremendous dive in volume when ISPs pulled the plug on spam host McColo Corp., the source of up to 60 percent of worldwide spam. In 2009, we expect to see a continued shift in organizations, from passive support of law enforcement to an active role of working collaboratively with ISPs and global Internet entities such as ICANN.
- New Businesses to Replace Lost McColo Hosting - Hosting companies will be set up in countries that are eager to embrace a burgeoning Internet market and will offer services to replace the disrupted command and control centers formerly hosted by McColo. These may be used as pawns by entities that perceive strategic value in sculpting the battlefield of the future.
In conclusion, McAfee recommends that you keep your security software up to date, and use a brand that implements a multi-layered approach that preemptively detects and blocks cyber attacks.