» Facebook: Spammers and distributors of malware love it. They provide false information about a free offer or inviting image — a girl in a bikini — to lure users to click on the link and get infected. Sometimes the malware posts the same image or information on the infected person’s “wall,” luring friends into making the same mistake.
Sources of attacks on Facebook
“You have to see this” — 36%
New Facebook app — 19%
Celebrity or current event — 18%
Free stuff — 26%
Source: Commtouch.com, Internet Threats Trend report,
» Leading Origins
5. South Korea
Source: AppRiver Threat and
» Dark Motives
The discovery that a virus called Stuxnet had been used to sabotage the operation of centrifuges in an Iranian uranium-enrichment facility meant that “malware can be and is being used for far more nefarious purposes other than stealing bank accounts. Cyber warfare has officially arrived.”
• Spammers used the Japanese earthquake, Bin-Laden’s death and the fall of Gaddafi to attempt to distribute spam e-mails, malware or viruses with enticements for users to click on links to “exclusive video” or (faked) news stories.
— AppRiver Threat and Spamscape Report
“They can’t hire enough people,” says Eric Ackerman, interim dean at Nova Southeastern University’s Graduate School of Computer and Information Sciences in Davie. “The salaries are fantastic in this area.” Nova carries the National Security Agency and Department of Homeland Security’s imprimatur as a National Center of Academic Excellence in Information Assurance Education. Two other Florida institutions, Florida Tech in Melbourne and Florida State University, hold the same center of excellence designation in research.
“There’s a human capital crisis in cyber-security,” says Richard Ford, director of the Harris Institute for Assured Information at Florida Tech in Melbourne. “That means if you’re good at cyber-security, you can get a job anywhere and you can earn whatever you want.”
“Most of the people end up being hired almost immediately into federal jobs,” Ackerman says.
For $2,000, the maliciously inclined can buy a malware known as BlackHole that tricks people into going to websites where their computers become infected. In the underground economy, a list of 30,000 e-mails can be had for $5, a compromised PayPal account goes for $50 to $500 and, for just $10, someone can buy a person’s identity, complete with credit card number, date of birth, Social Security number and so on, says Fred Touchette, senior security analyst at AppRiver, a Gulf Breeze security company. Touchette, who has followed BlackHole’s evolution, writes an illuminating guide to trends in nefarious online doings. BlackHole users have success at first, but over time internet defenders figure out the identifiable characteristics of malicious software and e-mails and filter them out. BlackHole users, however, can get new signatures once they’ve been discovered. Turns out, the $2,000 purchase includes a year of tech support.