The easiest way to limit the Internet security risk of malware is to understand the most common ways users are exposed to malware networks and to take proactive steps to avoid them. In order to do this, it is vital to understand how cyber criminals target potential victims.
While many schemes to bypass Internet security measures may seem complex, cyber criminals primarily use the path of least resistance. This allows them to inflict maximum damage with the least amount of effort. According to several Internet security reports, there are a variety of ways users are exposed to malnets but three of them are especially important to be aware of.
Search Engines/Web Portals
One of the most common ways users stumble upon a malnet is through search engines and web portals. Cybercriminal utilize search engines in the same way legitimate businesses do. This is a significant Internet security threat because most people inherently trust search results. A recent Internet security report noted that 1 in 142 searches will lead users to a link to a malicious website.
E-mail will always be a tool of cyber criminals because it is extremely easy to use. All they need to do is send an e-mail with a link to a malicious website or add a malicious attachment. Users should always consider email from an unknown sender to be a potential Internet security threat. For a few years, it was estimated that the use of e-mail as a malware delivery system would decline but it actually increased by 5% during the last half of 2011. Currently it is estimated that 11% of all e-mails pose some type of Internet security threat.
The use of social networks to spread malware has seen an increase parallel to the increasing popularity of social networking. The more popular a social network becomes, the more likely cyber criminals will leverage it to expand their malnets. In order to gain access to the largest pool of potential victims, games and society/daily living topics pose the largest Internet security threats. Entertainment topics will always be an Internet security risk because users don’t think twice about downloading malware posing as an “updated codec” or “flash player update”. Today it is estimated that 1 in 16 malware attacks were initiated through social networking. This is particularly dangerous for mobile device users because a good part social networking requests take place via laptops, tablets and smartphones. It is important to note that a majority of social network related malware distribution requires users to leave the social networking site and enter a website specifically designed to spread malware.
On social networks, a majority of malware is distributed through topical content. Commonly used topical content includes sports results, election news, holiday promotions, breaking news, and celebrity gossip. The largest topical attacks in 2011 were based around the 8.9 earthquake and tsunami in Japan, the royal wedding of Prince William and Kathryn Middleton, and the deaths of Osama bin Laden, Amy Winehouse, and Steve Jobs.
These three tools will likely be used by cyber criminals for a long time because they all have low barriers of entry and provide access to large pools of potential victims. Internet security threats will always evolve, however the most common delivery mechanisms remain the same.
Ted Lee believes the internet should be free and open. The UK VPN is one tool you always uses to increase his online freedom. Ted strives to inform others about the tools available for avoiding restrictions on the web.