Messaging Newswire
Follow Us on Twitter
Facebook Page
Google Plus Page
RSS feeds
Shortened URLs Favorite Tool of Attackers
Widgets & RSS FeedsA new report highlights a surge in attacks through social networking sites such as Twitter because of the increased use of shortened URLs. The Security Labs Report, out this week, is based on the second half of 2009, and is offered by M86 Security, a provider of Web and messaging security products. Shortened URLs have become a favorite tool of attackers because not only do they make it easier to obscure malicious links, but they also exploit end users’ trust through social engineering. The majority of malicious links observed by the M86 team on services such as Twitter and Facebook used shortened URLs. Similar malicious links have also been observed in spam messages.
The report also notes that Zero-Day application vulnerabilities such as those within Internet Explorer and Adobe products are becoming just as prevalent as those seen in the operating systems themselves, as hackers take advantage of application vulnerabilities. The Security Labs Report offers recent examples that include an increase in the use of malicious PDF files targeting Adobe products.
It is no surprise that the report reveals spam remains a significant threat to businesses and government organizations — not only does spam consume valuable network resources, it is a popular conduit for the distribution of malware, phishing and other scams by cyber criminals. The new report notes that the volume of malicious spam has dramatically increased; reaching three billion messages per day, compared to 600 million messages per day in the first half of 2009 and is being sent via botnets. The M86 Security Labs Report names the major spam botnets and reveals that 78 percent of all spam during the last six months of 2009 originates from just five botnets.
“It is important to identify the major contributors to the volume of spam so that the industry can take action against them, and our latest Security Labs Report provides a detailed percentage of spam by botnet origin,” says Bradley Anstis, VP technical strategy for M86 Security. “At the same time, M86 wants to help security professionals remain vigilant in their own organizations against the increasing exploitation of trust on social networking sites. Users are more likely to click on links shared with them by senders they believe are their friends. To combat this, we suggest using browser extensions that display shortened URLs in their full form and take a range of other precautions outlined in our latest Security Labs Report.”
The complete M86 Security Labs Report is available for download.
