5 security threats to watch in 2010

SINGAPORE--Everyday Internet users will be a key target for cybercriminals looking to get people to download their malware, while the proliferation of social sites such as Facebook and Twitter will lead to an increase of possible fraud cases, reported Symantec.

At a media gathering Wednesday, the security vendor released a report outlining security threats enterprises and consumers should be mindful of in 2010. Of these, the security risk faced by everyday Internet users is likely to increase as criminals look to trick people into downloading malware through means such as an innocent-looking URL link or videos and pictures from unknown sources.

"[Users] could be opening themselves up to identity theft and other types of cybercrime," Symantec said in the report, adding that the number of attempted attacks using social engineering "is sure to increase" next year.

Also, as the popularity of Apple products continue to grow, Mac and iPhone users--two of the most popular products by Apple--should look to protect the content they place on their devices as "more attackers will devote time to create malware to exploit these devices", according to the report. With the increased use of smartphones, mobile security will also be an area of concern, added Symantec.

On the burgeoning social networking scene and the opportunities this affords cybercriminals, Symantec noted that continuing "unprecedented growth" of social sites will elicit a corresponding growth in fraud attempts.

Shortened URLs are another key area for security, as the links may direct people to undesirable sites filled with malware, said David Hall, regional product manager, consumer products and solutions, Symantec Asia-Pacific, at the gathering. Condensed URLs are popular on social networking sites and in particular, Twitter and Facebook, so users of these platforms should avoid clicking on URLs sent by unknown users. Such links are likely to be created by phishers peddling links to malicious sites, said Symantec.

"Scareware" or fake antivirus software are also expected to make a bigger presence next year, the security firm said. In such scenarios, users are tricked by scareware promoters into downloading the fake application, which could then lead to sensitive information being compromised. Computers may even be "hijacked" or rendered useless by cybercriminals, who control the machines until the owners pay a ransom fee.

A look back at 2009
Scareware is, incidentally, one of 2009's top security concerns, according to Symantec's report.

Another security headliner this year was the Conficker worm, which allowed its creators to remotely install software on computers globally. Though detected in November 2008, the worm started infecting computers in March and April 2009.

In addition, events such as the deaths of actor Patrick Swayze and pop icon Michael Jackson, as well as the inauguration of America's first African-American president Barack Obama, saw significant spikes in search queries. Cybercriminals latched on the respective opportunities to release their spam and malware onto the Web to trick unsuspecting users, said Symantec.

The company also reported more than 40 trillion spam messages in the past 12 months, with some of the popular subjects including festive occasions, cheap car discounts and fake Twitter invitations.