While Conficker took the limelight regarding malware threats over the first quarter of the year, it's also apparent that attackers have reached new levels of sophistication in their social engineering techniques, using fear, emotion and security loopholes to perpetuate attacks.
This is one of the findings from Cyberoam's first quarter of 2009 e-mail threat report, conducted in collaboration with partner Commtouch.
Spammers tricked users on Facebook, Myspace, Twitter into divulging personal information. Exploiting users' fear of finding scandalous images of themselves online, spammers sent wall posts proclaiming that such pictures have surfaced on Facebook.
Also used on Facebook were desperate messages from friends supposedly in a financial bind. Users clicking on the link were taken to what looked like the Facebook login page, but actually it was an imposter site collecting usernames and passwords of unknowing users.
Spammers sent direct Twitter messages to users of blog posts and funny photos related to them. Security loopholes on Twitter like the use of TinyURL to replace long URLs with short ones to fit into Twitter's 140 character limit meant that users did not know where the link led before they clicked.
Abhilash Sonwane, vice-president: product management at Cyberoam, says: "Attackers have confirmed once more that they work on both sides of the equation – user and the platform. They play on the emotions of users while exploiting loopholes on the platform being used. Used in combination, it is an effective way to propagate malware. While Cyberoam offers protection from evolving threats, we also recommend user education to effectively contain threats."
Blended threats created near-perfect mirror sites and official looking emails from CNN and the US tax departments. While Google Docs was used to compromise ZDNet, spammers used "borrowed" images from legitimate sites like CBS and Pizza Hut in addition to masking their email addresses to bypass spam filters.
Loan spam jumped from 3% of all spam messages in the fourth quarter of 2008 to first place, with 28% of all spam messages this quarter, reflecting the global economic situation.