Symantec has released its MessageLabs Intelligence 2008 Annual Security Report, and social networking sites and the credit crisis are providing new platforms and fears upon which new spam attacks are being launched, CNNMoney.com reports.”Web 2.0 offers endless opportunities to scammers for distributing their malware — from creating bogus social networking accounts to spoofed videos — and in 2008 the threats targeting social networking environments became very real,” said Mark Sunner, chief security analyst at MessageLabs.
“Web 2.0 thrives on user-generated content, as do the spammers. The ability to adapt to new mediums and upload enticing content as ‘snake oil’ to persuade an information-hungry user to activate it is one of the cybercriminals’ strongest talents and has made them successful in transforming deception into a fully scalable business model within the underground shadow economy,” Sunner said.
In addition, towards the end of this year, the credit crisis generated many new finance-related spam attacks as scammers tried to take advantage of the resulting panic and uncertainty. “Spammers increased the number of finance-related emails, including phishing attacks targeting banks and credit unions, lottery scams, loan and job offers and other financial enticements,” the report finds.
In particular, the article mentions phishing via fake profiles on social networking sites, which I’ve witnessed on Facebook this year. In a couple of instances, spammers managed to commandeer an individual’s screen name and post “wall” comments (linking to suspicious-sounding sites) as though they were that person. And I have certainly noticed an increase in the number of emails notifying me of the “contests” I’ve won if only I’ll provide bank account information, or “exciting job opportunities” for the unemployed. I thought I must have accidentally provided my email address to a questionable site, but it sounds like the number of those emails really has increased.
I’d encourage you to look over the full report to better understand the spam landscape. Among the report’s findings: Total spam levels peaked at 82.7% in February and averaged 81.2% for the year, compared with 84.6% the year before (so, surprisingly to me, the percentage of spam has actually decreased). As much of 90% of the spam was distributed by botnets.