Hackers, spammers and phishing scam creators are loving their new destinations.  As per the new report on cyber security by Symantec, the users of social networks and search engines are more likely to face attacks of viruses, malicious codes and phishing scams.

Alfred Huger, vice president of engineering at Symantec, says:

The malicious attacks - including recent exploits of users of Google, Facebook, search engines, Mozilla and others - are designed to steal user credentials or launch bigger attacks through the victim’s social network of contacts.

The hackers are switching for their earlier favorite method, email, and now they are using reliable websites to drive traffic to sites loaded with viruses and malacious codes.  Previously, I had covered how the combination of Google Trends and Blogspot is being used to spread viruses.

So how do the hackers use these sites:

Social Networks: Hackers use the open architecture of social networks and their platform to create and deploy applications loaded with malicious codes and implant links to malicious websites.  Some of the examples are the Facebook application for users to find out who have a crush on them and the recent worm which spread on Orkut through the scraps posted on user profiles.

Search Engines: The hackers are using Google to redirect the users to sites loaded with malicious codes.  The search result links which look very relevant to the search and legitimate often redirect users to infected websites.  I have myself experienced this and even posted about how the combination of Google Trends and Google Blogger is used for spreading viruses.

Another method which is being used by the cyber criminals for phishing scams is the Google Calendar.  Jamz Yaneza, research project manager at Trend Micro, says,

Scammers are sending personalized e-mail as meeting invitations in Google Calendar. Since each e-mail has a different link for each recipient, it is harder for spam filters to detect anything wrong.

So, even if you use an anti-virus tool on your computer, you may not be safe from these attacks.  There are other solutions from the security companies like using certified e-mail, web page scanners and browser security tools which can be used to prevent yourself from hacking and phishing attacks.  The ultimate tool, however, is being cautious and not to click on any link which looks suspicious or install any application from an unreliable source.

Popularity: 5% [?]