Panda Labs 3rd Quarter 2010 threat report (PDF) found that 95% of all email is spam. It also said that Trojans constituted 55% of all new threats but infections via email are declining in favor of increased attacks via social networking sites including attacks associated with Facebook’s “Like” button.
The Facebook Like button allows developers to use Javacript which can also be used by bad guys who use clickjacking exploits, to trick users into “liking” a page and then automatically recommending it to all their Facebook friends.
There are also increased attacks via Google’s Android phones including scams that cause people to rack up phone bills with dubious services and attacks that disclose users’ geolocation to a third party.
Monsters of a Different Kind
The report also said there were Black Hat SEO attacks aimed at searches for Moshi Monsters, a very popular search term for children interested in “adopting their very own pet monsters.” Trouble is, some kids were encountering monsters of a different kind — ones that put malicious software on their computers. Blackhat SEO is when sites get optimized for search engines using illegitimate techniques such as packing long lists of keywords into a site designed to trick search engines into linking to them even if they have no real content related to that search.
There has also been an increase in worms spreading via USB drives. The report said that “25% of new worms are designed to spread via USB devices.
The “top” spamming country is India followed by Brazil, Russia and Ukraine. The United States is the eighth most spamming country.