Cyber-criminals are continuing to exploit the financial crisis to scam users with fake financial transactions services, fake investment firms and fake legal services.
This is the top trend to emerge from McAfee's 2009 threat predictions, which examines the accuracy of last year's predictions and provides new insight as to where computer security threats are headed this year.
"Computer users face a dangerous one-two punch today," says Jayson O'Reilly, regional manager: Africa for McAfee. "The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike."
McAfee Threat Predictions for 2009 include:
* Threats hide in the cloud – Miscreants have also transitioned to the Internet "cloud" as their main delivery vehicle and take advantage of the attractions of Web 2.0. McAfee expects this trend to continue throughout 2009, eventually displacing more traditional vectors of malware distribution.
* Personalised threats speak your language – Threats will continue to take evasive action against security measures. One example is the existence of single-use binary files, which are an attacker's equivalent of a single-use credit card number used by consumers when shopping online. These binaries help to create a vast sea of threats, which will make it harder for victims to describe their assailants and make it harder for defenders to catch them. Additionally, McAfee expects to see the continued expansion of malware in languages other than English. Cybercriminals have come to realise that by diversifying into a global market they can access even larger pools of valuable identity and confidential information.
* Malware targets consumer devices – McAfee expects increased attacks involving USB sticks and flash-memory devices used in cameras, picture frames and other consumer electronics. This trend will continue due to the almost unregulated use of flash storage across enterprise environments as well as their popularity among consumers.
* The rogue web and malvertising – Last year McAfee also saw the malware underground use mainstream practices in an effort to "sell" software that was either misleading or outright fraudulent. McAfee expects this trend to continue as cybercriminals still see a lucrative market in this area.
* McColo: The effects of a takedown – Spam traffic took a tremendous dive in volume when ISPs pulled the plug on spam host McColo Corp., the source of up to 60 percent of worldwide spam. In 2009, we will see a continued shift in organisations, from passive support of law enforcement to an active role of working collaboratively with ISPs and global Internet entities such as ICANN. Together, these organisations will shine the public light on these malicious actors and shut down their access to network and systems infrastructure.