They also take advantage of the tension between users who want their Facebook, Gmail and Salesforce and IT departments trying to make sure those connections don't give malware or intruders safe passage through firewalls, antivirus, intrusion prevention and other security systems.
Stopping the Facebook variant of Ramnit is easy enough if you shut off all access to Facebook from inside a corporate firewall.
Private VPNs, proxies and other simple banned-site-bypass techniques are simple enough and well enough known to make any ban ineffective, however.
The increasing reliance of users on SaaS and cloud-based resources also makes it impractical to simply cut off the cloud at the first sign it might be carrying something noxious.
So if you're looking for a major new malware threat for 2012, you've found it. Cloud computing and social networks have become so widely used that corporate users rebel when prevented from using them.
They'll continue to fight for that access, even if they realize malware writers make far better use of social-network connections than end users do.
That's a problem for IT, they figure. And they're right. It's a problem users aren't going to solve, social-network and cloud-services vendors won't solve to the specifications of individual user companies. And it's a problem that can't be left unsolved. So IT is the only one left to do it.
One more problem, which is actually a benefit to help keep underworked, overstaffed IT security departments busy. Because there weren't enough security risks available before to keep them from getting bored.