November 2, 2009 6:00 AM PST

Phishing, worms spike this year, say Microsoft and McAfee

by Elinor Mills

Scammers are targeting social networks with phishing scams and relying more heavily on worms and Trojans to attack computers, according to security trend reports to be released Monday by Microsoft and McAfee.

Phishing attacks saw a big spike in May and June, primarily because of campaigns targeting social-networking sites, according to Microsoft's report covering the first half of 2009. Gaming sites, portals, and Web sites of banks and retailers were also popular targets for phishing attacks, the report said.

Trojans top the list of threats to computer security, according to Microsoft's latest Security Intelligence Report.

(Credit: Microsoft)

Trojans, including rogue security software, remained the most prevalent category of threats, while Microsoft statistics show that worms rose from fifth place in the second half of last year to become the second most prevalent category, led by Conficker and followed by Taterf, which targets multiplayer online role-playing games.

During the first half of the year, Microsoft detected and cleaned rogue security software--which displays false antivirus warnings to trick people into paying for software they don't need--from 13.4 million computers. That was down from 16.8 million computers in the second half of last year.

Most of the drive-by download pages are hosted on legitimate Web sites that have been compromised by attackers through intrusion or malicious code posted to a poorly secured Web form, such as a blog comment field. The Trojan Downloaders & Droppers category was the type of malware most often delivered in drive-by attacks, according to Microsoft.

The number of total unique vulnerability disclosures across the industry was down sharply from a year ago. While browser vulnerabilities increased slightly, application vulnerabilities dropped and operating system holes were flat, Microsoft said.

Microsoft software accounted for 6 of the top 10 browser-based holes attacked on Windows XP computers, compared with only one on Vista computers. Of the top 10 browser-based holes exploited on computers running Vista, 2 targeted Adobe Reader and the most significant one targeted Adobe Flash Player. In the third spot was an exploit aimed at Internet Explorer.

Infection rates for Windows Vista were significantly lower than for Windows XP, while the rate for Windows Server 2008 was lower than that for Server 2003.

Microsoft released 27 security bulletins in the first half of the year, addressing 85 individual vulnerabilities. Of those, 11 were exploited within the first 30 days after the release of the security bulletin.

When it comes to computer security consciousness, the U.S. is in the middle, according to George Stathakopoulos, general manager of Microsoft's Trustworthy Computing Group. Japan is at or near the top of the list and Germany is high up too, he said.

"We are average," he added. "We are not one of the cleanest countries, we are dead on in the middle."

McAfee's report showed the U.S. as the top country when it comes to the number of compromised computers that are zombies used in botnets to do things like send spam, followed by China and Brazil. The U.S. also is the top distributor of spam and has the most servers hosting malware, McAfee said.

Spam comprises 92 percent of all e-mail. It jumped 24 percent from a year ago, McAfee said.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.
by pentest November 2, 2009 7:33 AM PST
Vista and Server 2008 still had higher infection rates than quality OS's and servers.
by Vegaman_Dan November 2, 2009 10:37 AM PST
Where's the numbers to back up this statement?

What 'quality OS's and servers' do you refer to?

Your comments without information to point to become meaningless.
by DOTA AllMoons November 2, 2009 7:51 AM PST
Do these malware writers get a kick out of messing up people's computers? Maybe they're just pathetic nerds trying to get some attention after being bullied in school.
by Perry_Clease November 2, 2009 8:08 AM PST
Mostly it's about money.
by Random_Walk November 2, 2009 9:10 AM PST
Like Perry said - it's all about the benjamins.

It also doesn't hurt their efforts that there are so many Windows machines sitting out there...
by Vegaman_Dan November 2, 2009 10:39 AM PST
@Random_Walk

You're right, and the sooner more people move from XP to Win7, the quicker that those exploits will have to shift to other exploits like social engineering.

I haven't had a single infection or bot ever in any system I've had in the last 20 years I've been doing this. Simple diligence and caution works wonders.
by eagertolearnmore November 2, 2009 8:06 AM PST
And sure they are in the know, ask Ford what it builds!!
by spinnoutguy November 2, 2009 9:49 AM PST
I can't count the number of times from a misdirect telling me my computer is infected! If anyone is smart, just close out the window by clicking the X at the top of the page or information box that might pop up! It may take a few tries, but it always works for me.
by Vegaman_Dan November 2, 2009 10:40 AM PST
Careful now- the trick these days is to map the entire popup window as 'enter' so that even if you think you're clicking on the X to close the window, you're actually giving the app permission to run.

Safer to just hit ALT-F4 on a Windows system to close the window entirely without ever interacting with it.
by Dalkorian November 2, 2009 10:43 AM PST
Actually it's pretty easy to catch that click too using the same scripting language the dialog was written in. Safest bet is to quit the browser being used, in winblows you want to control-alt-delete (I think it's control-alt-escape since fista) and use the program manager to quit the browser. That's much harder to intercept.

Nuke it from orbit - it's the only way to be sure.
by Lerianis3 November 2, 2009 2:29 PM PST
Actually, IE, Firefox 2.0 and higher, and Chrome now have protections that the attack that Vegaman_Dan references will not work anymore.
I don't bother to 'hit ALT-F4' because it has a NASTY habit of closing the entire browser, not just the window that I wish closed.
by November 2, 2009 10:44 AM PST
I receive requests about four times per week to update information re: telephone companies, various banks (including my own), PayPal and it does concern me as the requests are all relevant to me personally. I originally opened the very first one, as many of us may do and common sense seemed to indicate to me, that to provide any data would be a foolish idea as the content of the e-mail failed to identify me. It merely led with "Dear Customer". Since this initial experience I delete any e-mails of this type as soon as I receive them in Outlook Express. They are quite simple to detect. Therefore am I safe from these rogues by simply following this practice or should I take further steps? I use Norton Anti-virus as a safeguard against Trojan, spyware and other pests. Is my system safe?
by bill3333 November 2, 2009 12:16 PM PST
Hi, you don't have a name, but never mind, here are the answers:

1 You are doing the right thing, but let's do better. Go to web-mail, and supply really abusive information, then they will soon get fed up with targeting you. Your ISP will have enough protection to deal with these e-mails. DO NOT DOWNLOAD THESE TYPE OF E-MAILS INTO YOUR E-MAIL CLIENT. Now liaise direct, with the companies concerned, as it is rare for them to ask for confidential information.

2 Now let's look at your computer software, and I only deal with XP, at the moment. I am also aware of the standard of the programs you have mentioned. Here are the (free) programs that have proved to be the best for security, for myself, according to the experts, and info on forums:

Extracts from XP MAGIC SECRETS

E-MAIL ACCOUNTS

GMAIL IS FREE FROM GOOGLE After 2 years of running 3 accounts with Google, and being spam and virus free, I can confidently recommend them, and advise that people continually have problems with other providers, especially Hot-mail. Gmail does not have folders, but this does not matter if you download your emails into Thunderbird, so you can view them as many times as you like, without using up your data allowance from your ISP (internet service provider); also it is so much faster, to do your emails in your own computer. You need to have a prime account with your ISP, to set up Gmail account, then if you change your ISP, you don't have to change your email accounts, which is a big hassle.

#######################################################################################################

PROGRAMS FREE

1 & 2 The special Magic Secret here, is that Mozilla put an incredible, amazing, ongoing, amount of development into these two programs, and all the addons, to make them the best, and very secure against viruses etc, so by using them, most of your security problems are prevented before you go on line.

1 Emails and Organizer or Diary = Thunderbird email client. Addons needed: Azerty, + Lightning for diary.

2 Surf the internet = Firefox Web browser. Addons needed: Downthemall, Tab Popup, Aeon, Fast Video Download, Adblock Plus, Autopager, Colorful Tabs, Cutemenus2, Firefox Chrome, Autofill Forms. If you like the Chrome web browser, then just install the Firefox Chrome addon, and you can still have all the benefits of Firefox.

3 SECURITY USE :

Comodo Internet Security = firewall, and antivirus.

Comodo BOClean = antimalware and antispyware.

Comodo come with my highest recommendation, as I have evaluated their free software over 2 years, against a number of other top of the line payware counterparts, and they are the best in every respect. Because Comodo systems run in real time, I have not scanned my computer for 6 months, and I can tell it has no viruses or malware in it, by the way it runs. DO NOT, UNDER ANY CIRCUMSTANCES, ADD ANY OTHERS TO THESE TWO, OR YOU WILL HAVE SOFTWARE CONFLICT.

3 Finally, XP maintenance:

CCleaner, IOBit Advanced System Care, IOBit Smart Defrag, Revo Uninstaller & Eraser, will provide the tools to keep XP well serviced ( clear out all the rubbish from the folders and registry ), and running nicely.

Regards Bill3333.
by slapppy November 2, 2009 2:27 PM PST
Where is the chart overlay for the Mac? Oh wait, there is none.
by November 2, 2009 10:53 PM PST
by kevbox. Thank you Bill3333 for the extended information, particularly the tools to enhance XP performance.
Very much appreciated.
by Pride73170 November 3, 2009 9:24 AM PST
This is so funny! MS launches Security Essentials, then pacifies its partners by releasing data suggesting that worms and phishing are on the rise. You think! OMG dude...you are naked...good thing our friends at McAfee have some clothes to sell you (elbow, elbow.)
by stickfu November 3, 2009 2:27 PM PST
8 out of 10 viruses prefer Windows 7--shouldn't you?

http://www.itpro.co.uk/blogs/daveyw/2009/11/03/80-percent-of-viruses-love-windows-7/