Kaspersky Lab sets crosshairs on new breed of cyber criminals

Security risks of social networking come under scrutiny

Forget spam and phishing as you once knew it: the new breed of cyber criminals are shifting their operations to fertile new fields, including mobile phones, online gaming and Web 2.0. These are the chief threats facing consumers today, and it's perilously easy to get caught out. The bait is no longer a bulk e-mail from an unknown sender: it's a Facebook app from an unwitting friend. This is the warning cry of Russian IT security firm Kaspersky Lab, which has been hosting a press tour on the tranquil waters of Dubrovnik, Croatia. Over a full day of presentations, Kaspersky Lab's chief researchers discussed their findings. Unfortunately, it seems that while cyber criminals are getting smarter, the average Web surfer isn't — especially when it comes to Web site interactivity.

The rise of Web 2.0 has seen a massive spike in attacks on social-networking sites and their users. Web sites like YouTube, Digg and Twitter have allowed online criminals to snare victims more easily than ever before. While few people will blindly click on a link contained in a suspicious e-mail, many will follow links on a social-networking site, any of which could lead to a malicious Web site. Consumers may be more 'Net savvy, and they may be interacting with the Web more than ever before, yet their security awareness is lagging behind.

"Internet users are like kids in a candy store," says Kaspersky Lab's regional researcher Stefan Tenase. "They want to taste everything, but too much of anything is bad for you." According to Kaspersky Lab's Global Research and Analytics Team, attacks through social-networking sites have a success rate of 10%, compared to 1% for malicious e-mails.

It's difficult to eradicate these threats from social-networking sites, as new dangers pop up every day. In response to the Photo of the Day botnet, Facebook introduced a verification system that gives tested apps a seal of approval. However, only a fraction of the 50,000 apps on the Web site have been verified. The key, as ever, is in user education. In other words, online security should not take a backseat to interactivity.

Chris Jager flew to Croatia as a guest of Kaspersky Lab.

Follow PC World Australia on Twitter: @PCWorldAu