These attacks generally have a technical element as well. The latest variants of the Mac scareware take advantage of a setting in Safari to automatically open “safe” files, and the ‘cookiejacking’ attack uses a weakness in the security zones protection of Internet Explorer. But, technical component aside, these attacks rely on somehow convincing the user to do something through social engineering.

A post on the Windows Security Blog focused on the ‘cookiejacking’ attack explains, “This is a form of social engineering attack and these kinds of threats will remain a concern for Internet users on all browsers. Software vulnerabilities are not needed for these kinds of threats to be successful so it is always a good idea to follow best practices – regardless of the browser you are using – in order to stay safe.”

The post offers six simple tips you can use to identify social engineering attacks, and avoid becoming a victim.

1. Odd messages from friends on social networking sites to participate in games or offers you must act upon immediately.
2. Alarmist messages and threats of account closures.
3. Promises of money for little or no effort.
4. Deals that sound too good to be true.
5. Requests to donate to a charitable organization after a disaster that has been in the news.
6. Bad grammar and misspellings.

If you want to get to the bottom of something–whether it is a political scandal, a murder mystery, or the source of rogue AV scareware attacks against Mac OS X…follow the money.

Security reporter Brian Krebs did just that and he has connected the dots leading from MacDefender and the sudden plague of Mac malware back to a Russian payment processing company–ChronoPay.

Observant Mac users reported the domain names that the rogue AV attacks were being directed to for payment. Krebs did some digging into the WhoIs details to try and determine the owner of those domains to follow the money back to the source. It so happens that Krebs is also in possession of tens of thousands of pages of ChronoPay documents leaked in a data breach last year which allowed him to follow the trail back to ChronoPay.

It is unclear how that knowledge can be put to good use. Given the nature of international law enforcement, prosecuting attacks across national borders can be tricky.

In the meantime, Mac users should just be aware of the issue, and follow the guidance from Apple to address the threat pending an update for Mac OS X to guard against it.

A Microsoft On The Issues blog posts describes some of the key findings of Microsoft SIR v10:

· Rogue Security Software – Rogue security software was detected and blocked on almost 19 million systems in 2010, and the top five families were responsible for approximately 13 million of these detections.

· Phishing – Phishing using social networking as the lure increased 1,200 percent – from a low of 8.3 percent of all phishing in January to a high of 84.5 percent in December 2010. Phishing that targeted online gaming sites reached a high of 16.7 percent of all phishing in June.

· Adware – Global detections of adware when surfing websites increased 70 percent from the second quarter to the fourth quarter of 2010. This increase was almost completely caused by the detection of a pair of new Adware families, JS/Pornpop and Win32/ClickPotato, which are the two most prevalent malware in many countries.

A rapidly increasing number of Mac users are learning just how pervasive the rogue AV threat is as well. Mac Defender has been plaguing Mac OS X to the extent that Apple finally had to admit it is an issue and commit to delivering a fix for Macs to detect and prevent the threat.