The AVG threat research lab expects no radically new web threats in 2012, but rather refinements of existing scams and malicious techniques.
We expect business as usual for the dark side, although there seem to have been some small successes in fighting the botnets that distribute vast amounts of spam (including spam containing malcode). In 2011, Microsoft had some significant successes in taking down botnets using a combination of legal and technical approaches. So it’s good to know that there is some pressure being put on the distributors of Internet badness.
Here are the threats that we expect to see in the new year in more-or-less priority order:
1. Social media scams will continue at the present rate or increase
The bad guys are going to continue to go after the low-hanging fruit on social media sites. This is a vast goldmine. Facebook estimated in July that it had 750 million users worldwide (http://www.facebook.com/press/info.php?timeline). Facebook users with unsecured personal information can expect it to be in the hands of unscrupulous operators who sell it as marketing data.
Fake celebrity news videos and stories will be some of the most used bait for scams and rogue security software installations. These scams will appear as videos or URLs in Tweets or Facebook posts that will lead to survey scams, and sites that download malicious code.
2. Toolkits will continue to appear and they will get more sophisticated
These highly sophisticated applications give malicious operators the capability to quickly design and install customized malicious code. Recently we’ve begun seeing them used to deliver rogue security products – which are huge moneymakers for the dark side.
3. Trojan horse programs will continue to be the largest category of malicious code
These are applications available for download that actually install key loggers or other info stealers. These, like other malware, will continue to exploit vulnerabilities at the application level, with Adobe products being large, slow-moving targets. Browser vulnerabilities will also be targets. Web users are cautioned to install updates promptly to keep their machines secure.
4. Rogue security products will not go away.
These fake anti-virus scanners with professional graphic interfaces and alarming phony scans are not going to go away. In 2011 we started to see them being installed by toolkits.
5. Malware for mobile devices will continue to evolve
Mobile device users should only install apps from legitimate sources. Malicious apps will probably become more sophisticated and more widespread as the malicious operators learn to write for the new operating systems. These will steal personal information for the spammers and underground marketing operators and take passwords for banking and payment system theft.
6. Malicious spam and phishing will continue to be a threat to everyone who uses email.
The Messaging Anti-Abuse Working Group estimated that spam email comprised 88-90 percent of all email in the first three quarters of 2011 (http://www.maawg.org/sites/maawg/files/news/MAAWG_2011_Q1Q2Q3_Metrics_Report_15.pdf). That volume alone is a problem, but the malicious spam – the spam that tries to trick users into revealing their login credentials to bank, payment system or gaming sites – is the core of the menace. Users should continue to avoid opening attachments or clicking on links in unsolicited email. Spam emails forwarded by friends also can be a threat.
7. Search engine optimization poisoning might decrease as search site operators improve their techniques for detecting it.
Poisoned links in search engines will continue to take victims to sites that download malware onto their machines. The biggest draws will be celebrity news and major news stories.
8. Fake surveys will continue to waste time and steal money
Anyone familiar with Facebook, by now, has seen this trick. A friend “likes” a lurid video or an offer of a free computer/phone/gift card. Clicking on the video takes one to a long series of “survey” questions and offers for subscriptions to worthless services. These scams often gather victims’ cell phone numbers in order to bill monthly charges.
9. Fraudulent web sites selling phony or non-existent goods will continue to attract victims.
“Canadian pharmacy” sites pushing Viagra and Cialis (often called “penis pill sites”) will continue to thrive. Internet users will get to them chiefly via links in spam. They purport to sell prescription drugs, but really steal credit card info or sell placebos or drugs with incorrect dosages – which in some cases can be fatal.
10. Malicious iframes on legitimate web pages will continue to be a serious vector for attacks.
These can be placed on pages intentionally, by hackers who want to draw victims to malicious sites, or unintentionally, as when the advertising services that deliver ads to web sites get compromised and push out links to pages that download malcode.
– AVG Threat Research Group