Trojans now account for 71% of new malware detected in the second quarter of this year according to research by Panda Security. These are most frequently spread through attachments in e-cards purporting to be from someone in your social network, and spoofed notifications from banks with infected ‘forms’ that consumers unwittingly open.
These scam messages are sent out in controlled waves by mafia owned botnets and leverage a variety of tactics to conceal the malware. To further optimize their capabilities, organized criminal groups are focusing heavily on creating hybrid worm-Trojans to leverage the characteristics of both categories of malware to avoid detection and increase their ability to spread infection.
Q2 also showed a major shift in the types of new exploits detected in the quarter as spyware dropped dramatically to just 6.9%, while adware jumped to 16.3%, primarily due to a sharp increase in the successful distribution of fake antivirus applications. There has also been a significant increase in viruses, which increased to 18.6% of the total.
What to watch out for
New threats are increasingly sophisticated, harder to detect and continue to enjoy success by leveraging social engineering techniques. Infected attachments sent via email in the guise of e-cards from a friend or family member, and fake notifications from companies – primarily banks – are the main malware entry points on computers as consumers continue to fall for these exploits in record numbers. Watch out for YouTube and other social networking emails containing ‘comments’ with links (see Virus Attacks Facebook Users), e-cards, fake anti-virus offers, and spurious notifications.
The bottom line? You must have good, up-to-date security software and be alert when reading any email, even when it looks like it has come from someone you know or a company with whom you do business.