Malware, Phishing Gather in North America

In its annual review of global security threats, Websense says a major trend it observed last year is that more malware connections, hosting and phishing appear to be occurring in the United States and Canada.

Facebook scammers host Trojan horse extensions in the Chrome Web store.

"50 percent of malware connections lead to the U.S.," says Charles Renert, vice president of Websense Security Labs. According to the 2012 Websense Threat Report, Canada's malware ranking has also zoomed upward in the past year, so the country now clocks in at No. 2 at 13.2 percent. The countries in the top five ranking include Germany at 5.4 percent, the Netherlands at 4.9 percent and China at 4.1 percent.

China and Russia used to be much bigger in the rankings, according to Websense, but since organizations have been more often blocking IP ranges for these countries, cybercriminals have turned to getting malware closer to their victims by exploiting trusted networks, such as social-networking sites. (See also "Best Security Suites: PC Bodyguards.")

The Websense report says the U.S. is the top country at 36.3 percent, followed by Russia at 14.7 percent, France at 13.2 percent, Germany at 7.0 percent, and Singapore at 3.4 percent in a tally of the top five where malware hosting occurs. The top five countries for phishing are said to be the U.S. at 59.9 percent, followed by Canada at 9.8 percent, Egypt at 6.8 percent, Germany at 2.3 percent and the United Kingdom at 1.8 percent.

"It's all about social engineering and the lures," Renert says.

Social networks such as Facebook, Twitter and Google have become prime targets for malware attacks of all kinds on their users, he notes. A commonplace example is the "video lure" to a compromised site, which is a type of attack increasing on Facebook, he notes.

"Having more than six out of ten malicious web sites on compromised hosts is unacceptable to a society that is moving to the cloud as a backbone for commerce, communications and culture," the report says.

While the threat report is a summary of perceived trends that dominated 2011, Websense is also venturing out with predictions for the future. Perhaps not surprisingly, one of them is that "Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social media credentials in online forums."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.

Subscribe to the Security Watch Newsletter

Comments