Five top security threats you fell for in 2010

Spammers, scammers and social engineers

Malware, spam and phishing attacks carried out via Facebook and other social networking platforms doubled in 2010, according to a report released today by security company Sophos. From iPhones to scareware, we look at the top five trends that made 2010 another bumper year for cyber-criminals - and the ones to look out for in 2011...

1. Social networks and 'clickjacking'

Social networks were the big story of 2010, with Facebook announcing in July last year that it had reached 500 million users. So it wasn't long before scammers moved in, using social engineering techniques to exploit to their inexperienced and often inquisitive teenage audience.

By December 2010, phishing attacks carried out via social networks had more than doubled, with 43 per cent of users questioned by Sophos reporting that they'd received an attempt. In April 2009, the figure was 21 per cent.

Spam continued to rise on social networks during 2010, with 67 per cent of users questioned by Sophos saying they'd received spam, up from 33.4 per cent in April 2009.

Malware too was up, with 40 per cent of users saying they'd received software, against 21.2 per cent the previous April.

One of the most widely used tricks is clickjacking or "UI redressing". This involves creating malicious pages containing seemingly legitimate buttons or links that do something altogether different from what they claim to do.

These buttons can be used by cyber-criminals to download malware onto users' PCs or grant access to confidential information. Sharing or "Liking" this content often sends the attack out to the victim's contacts, or propagates it via social networking status updates.

Last year, an increasing number of victims were lured by promises of nude pics of celebs, shark attacks or car crash videos.

2. Mobile (in)security

Gartner estimated that more than one in six people would have access to a high-tech mobile device by the end of 2010, such as Apple's iPhone or a handset based on Google's Android OS. With them comes a whole new world of security threats.

As we reported last December, malware aimed at smartphones increased by 33 per cent in 2010.

Even before the launch of Apple's iPhone 4 sparked a surge of interest in smartphones, hackers had released source code for potential spyware designed to infect BlackBerry and iPhone handsets. They followed it up by duping more than 8,000 iPhone and Android users into joining a proof-of-concept botnet.

The vast array of apps available on both iOS and Android platforms has made it easier for cyber-criminals to sneak malware onto the devices. Hackers have exploited the promise of so-called 'jailbreak' software, designed to allow users to install unauthorised software, to persuade them into downloading malware onto their handsets.

More on Page 2...