The bad guys definitely know how to entice unsuspecting users.
We all know that people are relying more on social networks such as Facebook than on e-mail to communicate. But as the nature of online communications shifts, so too does the behavior of cybercriminals.
With the rise of social networking, cybercriminals have begun to rely on more sophisticated approaches to social engineering that trick users into downloading malware onto their systems, usually using a blended attack that comes from multiple sources.
Tom Clare, director of product marketing for Blue Coat Systems, says this shift to social networks as the delivery vehicle for malware means that IT organizations need to be able to block malware in real time. That means establishing the relative reputation of a Web site based on the amount of hidden malware lurking there and blocking users from accessing Web pages loaded with malware.
To accomplish that, says Clare, IT organizations need to attach themselves to cloud security services that leverage the ability to analyze millions of pages for malware and then share that information across all the participants in the network.
Clare believes that as social networks begin to focus more on e-commerce, there will be a lot more emphasis on making sure these social networks are safe. As Clare puts it, no one is going to shop at a mall unless they know the parking lot is safe. Similarly, people will stop visiting social networks that distribute malware to their systems.
In the meantime, the bad guys are getting more subtle in their approach, not only using information gathered on the social network to trick people into downloading malware, but also keeping their phishing attacks at low, targeted levels that fly under the radar. For those reasons, Blue Coat Systems predicts that Web-based threats are likely to continue to grow unabated.
The only way to effectively defend against those attacks is ultimately to rely on strength in numbers: using reputation systems to identify as many of the threats as possible, so that attackers never get an opportunity to distribute their malware payloads in the first place.