Authors of malware are increasingly using hot search topics to drive unwitting Web users to links where their computers can be infected. That’s the major conclusion of the Websense Security Labs Report - State of Internet Security, Q3-Q4 2009.
“The second half of 2009 saw malware authors focus their efforts to ensure they drovevictims straight to them,” the report says. “Search Engine Optimisation (SEO) poisoning attacks featured heavily, and Websense Security Labs research identified that 13.7% of searches for trending news/buzz words lead to malware.
“In addition, attackers continued to capitalise on Web site reputation and exploiting user trust, with 71% of Web sites with malicious code revealed to be legitimate sites that had been compromised.”
Websense researchers also report that 95% of user-generated comments to blogs, chat rooms and message boards were spam or malicious; 35% of malicious Web attacks included data-stealing code; 58% of data-stealing attacks were conducted over the Web; 85.8% of all emails were spam, and there was an average growth of 225% in malicious Web sites.
Tens of thousands of email accounts were stolen during the quarter reported, and their details were posted online. This was the major contributor to the growth in spam.