Spam, malware dominate online user comments, Websense reports
The Websense Security Labs "State of Internet Security Q1 – Q2 2009," also notes that the number of malicious Web sites more than tripled.
A staggering 95% of all "user-generated comments" for blogs, chat rooms and message boards online are spam or malicious, according to a new Websense report on security threat trends.
"That's the first time we started monitoring that," says Patrick Runald, Websense senior manager for security research, about the level of spam and malware ploys carried out around blogs and chat rooms.
The Websense Security Labs "State of Internet Security Q1 – Q2 2009," which covers the period up to June of this year, also notes that the number of malicious Web sites for the period more than tripled. In addition, 77% of Web sites with malicious code are said to be legitimate sites that have been compromised.
"The bad guys are finding new ways for disseminating malware," Runald said. "It's getting worse."
According to the Websense Security Labs report, based on data collected in part from scanning 40 million Web sites every hour, 61% of the Top 100 sites are said to either be hosting malicious content or containing a masked redirect to lure unsuspecting victims from legitimate sites to malicious ones.
Facebook, YouTube become malware magnets
More than 47% of the Top 100 sites, particularly social-networking sites, such as Facebook or YouTube, support user-generated content, which the report notes is becoming a significant way to disseminate malware and conduct fraud.
"On Facebook and other social-networking sites, there's an explicit sense of trust," says Runald. "That's why the bad guys are attempting to exploit it, with malware like Koobface, which could hijack your machine and send messages."
In the area of cybercrime, one significant attack that took place involved criminals seizing control of the CheckFree Web site and attempting to re-direct users to a Web site hosted in Ukraine that tried to install malware on victims' computers. The report said CheckFree has more than 24 million customers and controls 70%-80% of the online bill-payment market.
Network World
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
malware
Powered by TwitterOn Twitter now
malware
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
James Gaskin
Learn How To Print Pages In Order with Ink Jet Printers
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
