The trend in Q1-2011 is revealed to be an explosive increase in the overall number of global attacks. Within this, the most notable developments were:
- Major growth in malicious campaigns which exploited the viral nature of Facebook users - increased threefold in the last 12 months.
- A notable increase in risk for smartphone users as cyber criminals extend the battlefield to mobile devices.
- An explosion in Blackhole Exploit Kits, used by criminals to coordinate attacks.
This activity is marking an increased professionalism in the structure and operations of global organised cyber crime.
As the Internet's second most visited web site, Facebook is an obvious target for cyber criminals. Q1 of 2011 saw a continuing increase in attacks on Facebook users. Click-jacking scams have increased in frequency from once a week to once every other day, and defence from these scams requires constant vigilance. Profiles without suitable privacy settings are liable to be exploited by marketers or cyber criminals and could be used for identity fraud.
Smartphones and Tablets
With smart phones becoming more like computers, the first quarter saw a notable increase in risk for smartphone users and the Android platform in particular. AVG blocked an average of 100,000 spam and phishing text messages per day.
The United States is still the dominant source of spam, with English as the main language used in spam messages.
The open source nature of the Android operating system, as well as the open-garden approach to allowing users to install software on their mobile devices, opens the door for cyber criminals to write malicious code. This is why Android users should install additional security solutions such as AVG Mobilation for Android which is helping prevent users from downloading over 10,000 infected applications a day.
A recent survey carried out by AVG and The Ponemon Institute found that a third of smartphone owners are unaware of the increasing risks posed by malicious software, with only 29% having considered protecting their device - and their data - with a free or paid anti-virus program.
Lloyd Borrett, Security Evangelist at AVG (AU/NZ), said: "The use of these open technologies poses a great risk, since they are constantly connected and substantially less protected than when using a personal computer. Users tend to shrug off mobile security solutions and carelessly broadcast financial, account and other personal data, such as their exact location, while on the go."
Security that is specific to the mobile environment should be considered. Cloud-based protection offloads the process from the mobile device which can then be kept safe while not draining its resources.
A further area of significant concern is an explosion in Blackhole Exploit Kits, used by criminals to coordinate attacks. During one week in February 2011, Blackhole attacks jumped from a few hundred per day to an overwhelming 800,000 in a day. See "AVG: Anatomy of a major Blackhole attack".
Borrett said: "The increasing professionalism behind some of the threats clearly demonstrates the profit that can be made. These campaigns are well planned and well funded. They therefore demand not only very effective counter technical measures, but also the need to raise awareness among the users everywhere.
"As an example, during Q1, a Latvian gang was able to bring 600 attack servers online for just a couple of weeks in a highly targeted Blackhole attack. This resulted in over 800,000 detections worldwide, per day by the AVG servers," he added.
The advice for staying safe when using Facebook is:
- Check your privacy settings - make sure that your privacy settings aren't sharing information that you want to keep private.
- Pay attention to whom you share your information with.
- Protect your mobile device to the same level as your PC or laptop.
- Use AVG Social Networking Protection: links that are exchanged within Facebook are automatically checked in real time so that you, your friends, your company and your employees are safe. AVG Social Networking protection is activated automatically as soon as AVG is installed.
- Treat your Android phone like an unsecured PC. It is unsecured unless you take steps to protect it.
- When downloading applications, make sure you get them from a trustworthy source - if you're unsure about the validity of an application, don't install it.
- Protect your Android smartphones with security software such as AVG Mobilation for Android.
About the AVG Community Powered Threat Report
The report is based on the AVG Community Protection Network traffic and data followed by research and analysis performed by AVG over the three month period. It provides an overview of web, mobile devices, spam risks and threats. The statistics referenced are obtained from the AVG Community Protection Network.
The AVG Community Protection Network is an online Neighbourhood Watch, helping everyone in the community to protect each other. Information about the latest threats is collected from customers who choose to participate in the product improvement program and shared with the community to make sure everyone receives the best possible current protection.
With more than 120 million users using AVG's various applications worldwide, AVG is provided with 1.5 billion potential threats to analyse daily. AVG provides strong community protection and each new user who chooses to participate increases the security level of the community as a whole.AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/ For video tips from AVG (AU/NZ), see http://www.youtube.com/user/avgaunz