VIPRE Report for January 2013: Social Network-Based Attacks Highly Prevalent
GFI Software reveals some interesting aspects about the latest threats
GFI Software has released its VIPRE Report for January 2013. The latest report focuses on attacks that leverage popular social networks such as Twitter, Facebook or LinkedIn in an effort to trick users.One of the most interesting scams that spread via Facebook in January was the one that relied on private messages which informed victims that their accounts had “violated the policies that are considered annoying or insulting Facebook users.”
In this case, the crooks were trying to convince unsuspecting internauts to hand over their Facebook login credentials and other personal information.
Another clever scheme relied on Twitter. Scammers sent out direct messages which informed users that a profile was spreading nasty blogs about them.
Those who clicked on the links were taken to a bogus Twitter login page where they were told to login to the site because their sessions had apparently expired “for security purposes.”
As far as malware is concerned, the Win32.Generic!BT Trojan has been the most prevalent (24.87%), followed by Sirefef (3.25%). The GamePlayLabs browser plugin and pieces of adware such as Yontoo, Wajam and Wajam (fs) are also included in the January top 10 threat detections.
“As the brands of popular social networking sites become more engrained in our culture, their value to cybercriminals looking for new ways to disguise their attack campaigns will only increase. More and more young people entering the workforce think of social networking as a standard part of everyday life,” said Christopher Boyd, senior threat researcher at GFI.
“By focusing their efforts on these sites, cybercriminals can increase their chances of fooling a larger number of users to unknowingly download malware onto their PCs and mobile devices. As a result, these users end up providing social network account information that can be used to reach even more potential victims.”