Spammers, hackers, and Internet malcontents are using a larger number of tools and systems to attack the public, according to Symantec.
The Internet security firm yesterday released its annual Internet Security Threat Report(PDF), which, according to the company, shows that 2012 was one of the most active for hackers.
The company says that in 2012 hackers targeted users across a greater number of channels, a trend which is likely to increase this year. With the public increasingly accessing the web on their mobile devices and spending more time on the social web, hackers have now set their sights on these platforms. Symantec says,
“Social media and mobile devices have come under increasing attack in 2012, even as spam and phishing attacks via traditional routes have fallen. Online criminals are following users onto these new platforms.”
Last year there was a 58% increase in “malware families” targeting mobile devices and a 32% increase in the number of security flaws identified in mobile operating systems. But, according to the company, the number of security holes identified for each of the mobile operating systems doesn’t relate to the amount of malware created for those platforms.
Symantec says that even though Android has fewer documented vulnerabilities than iOS, more malware was written and distributed on Android devices. This increase can partially be explained by the rapid growth of Android smartphones and tablets last year. Malware is also easier to distribute on Android devices since it’s a more open system. The company says that this makes Android the “ the go-to platform of malware authors.”
The company reports that iOS has 387 documented vulnerabilities – Android has 13 and Windows Mobile has two.
Most mobile malware targets users’ information (32%), while a surprisingly large 15% of malware apps are designed to track users. Only 8% of malware is used to distribute ads.
As for social media, Symantec says that our Twitter, Facebook, Google+, Linkedin, and other accounts have made it easier and more inviting for hackers to steal our data. Although the platforms might be new the ways scammers are targeting them isn’t Using social proofing (taking over someone’s account and posting content as them) is the main technique that scammers have borrowed from the world of email spam.
The other technique scammers are using on the social web is even more old school. They’re just reading what we put online. According to Symantec, information that we put online – such as our home city, or even actual credit card details, makes it easy for scammers’ to do their jobs.
“In the last few years, we’ve seen a significant increase in spam and phishing on social media sites. Criminals follow users to popular sites. As Facebook and Twitter have grown in popularity for users, they have also attracted more criminal activity. However, in the last year, online criminals have also started targeting newer, fast-growing sites such as Instagram, Pinterest, and Tumblr. ”
Symantec’s advice to users is simple: think before you click, if an offer looks too good to be true then it usually is; don’t download apps from sources you’re not familiar with; and don’t reveal personal information online – even if you think that its audience will be limited.