This site is sponsored by 
MessageLabs' threat predications for 2010 look at the following emerging trends:
- Anti virus is not Enough - With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioral capabilities, are not enough to protect against today’s threats.
- Social engineering as the primary attack vector - More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent.
- Rogue security vendors escalate their efforts - In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom.
- Social Networking third-party applications will be the target of fraud - With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being leveraged against site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats.
- Windows 7 will come into the cross-hairs of attackers - Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist.
- Fast flux botnets increase - Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies.
- URL shortening services become the phisher's best friend - Because users often have no idea where a shortened URL is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on.
- Mac and mobile malware will increase - The number of attacks designed to exploit a certain operating system or platform is directly related to that platform’s market share, as malware authors are out to make money and always want the biggest bang for their buck.
- Spammers breaking the rules - As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN SPAM Act, we’ll see more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.
- As spammers adapt, spam volumes will continue to fluctuate - Since 2007, spam has increased on average by 15 percent. While this significant growth in spam e-mail may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long an economic motive is present.
- Specialised malware - Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010.
- CAPTCHA technology will improve - As this happens and spammers have a more difficult time breaking CAPTCHA codes through automated processes, spammers in emerging economies will devise a means to use real people to manually generate new accounts for spamming, thereby attempting to bypass the improved technology.
- Instant messaging spam - As cybercriminals exploit new ways to bypass CAPTCHA technologies, instant messenger (IM) attacks will grow in popularity.
- Non-English spam will increase - In some parts of Europe, Symantec estimates the levels of localized spam will exceed 50 percent of all spam.
For the full white paper please click here.
