Phishing on the Rise While Bots Slow

McAfee Avert Labs revisits 2007 Internet security forecast

McAfee Inc. has revisited its top ten predictions for security threats in 2007. Research from McAfee(R) Avert(R) Labs shows that threats including data-thieving phishing Web sites are on the rise, as expected. However, other pests such as remote-controlled bots show unpredicted signs of decrease. 

"As we approach the midyear mark, we wanted to check on our crystal ball gazing skills," said Jeff Green, senior vice president of McAfee Avert Labs and product development. "As we predicted, professional and organised criminals continue to drive a lot of the malicious activity on the Net. However, we were surprised that mobile malware and image spam tapered off." 

McAfee Avert Labs' top 10 security threats for 2007 and updates, in no particular order:

1. Password-stealing Web sites are on the rise

The number of phishing Web sites continues to rise exponentially. McAfee Avert Labs saw a 784 percent increase in phishing Web sites in the first quarter of 2007, with no slowdown in sight. These Web sites typically use fake sign-in pages for popular online services such as online auctions sites, online payment processors or online banking. Avert Labs anticipates increasing abuse of sites meant for online collaboration such as wiki pages and online applications. Even Internet archive sites will suffer.

2. Spam, particularly image spam, is on the rise

The total amount of spam caught in McAfee Avert Labs' traps has stayed fairly flat during the first part of the year. Image spam accounted for up to 65 percent of all spam at the beginning of 2007. It has actually dropped recently. Image spam is junk e-mail that includes an image instead of just text. It is used typically to advertise stocks, pharmaceuticals and degrees.

The image can triple the size of a single message. This causes a significant increase in the bandwidth used by spam messages. In November 2006, image spam accounted for up to 40 percent of the total spam received. It was less than ten percent a year earlier.

3. Video on the Web will become a target for hackers

Cybercriminals are riding the wave of online video available on social networking sites such as YouTube and MySpace. For example, the Web site of a French rock band was used to load a Trojan horse onto the computers of fans by exploiting a feature in QuickTime.

4. More mobile attacks

Surprisingly, mobile malware numbers are down with a dozen new examples of malicious software targeted at devices such as cell phones and smart phones for the first quarter of 2007.  

5. Adware will go mainstream

McAfee predicted that more legitimate companies would try advertising software to target consumers. However, because adware has a bad reputation, businesses are trying other ways to deliver their message on the Internet. BitTorrent, for example, is establishing a trend by offering free ad-supported video downloads as an alternative to paid downloads. 

6. Identity theft and data loss will continue to be a public issue

Unauthorised transfer of data is becoming more of a risk to enterprises including loss of customer data, employee personal information and intellectual property. This information can leak not only via the Web, but also through portable storage devices, printers and fax machines. More than 13.7 million records have been breached thus far this year, according to, compared to 1.8 million records during the same period last year. 

7. Bots will increase

This prediction has been particularly tough to prove. A superficial read of statistics indicates that the use of bots has actually decreased lately. Bots are computer programs that give cybercrooks full control over PCs. Bot programs typically get installed surreptitiously on the PCs of unknowing computer users.

8. Parasitic malware is making a comeback

No doubt, parasitic malware is happening. Parasitic infectors are viruses that modify existing files on a disk, injecting code into the file where it resides. Philis and Fujacks continue to be active, and Avert Labs has classified more than 150 new variants of these two families this year. Other families including Sibil, Grum, and Expiro are also active.

9. Rootkits will increase on 32-bit platforms

About 200,000 computers have been infected with rootkits since the beginning of 2007, according to Avert Labs' virus tracking mechanism -- a 10 percent increase over the first quarter of 2006. You can check your system with McAfee's free Rootkit Detective. McAfee VirusScan(R) for Enterprise includes anti-rootkit technology.

10. Vulnerabilities continue to cause concern

There are more vulnerabilities to worry about than ever before. Microsoft issued 35 security bulletins, 25 of which were tagged critical and nine important, in the first six months of 2007.  During the same timeframe last year, Microsoft issued 32 bulletins, of which 19 were rated critical and 10 were considered important.

McAfee Avert Labs' Recommendation

To protect against the above threats and malicious programs, McAfee Avert Labs recommends enterprises and consumers stay updated with the latest Data

Definition Files (DATs) and install the latest patches.  Users should implement a multi-layered approach to detecting and blocking attacks.    

McAfee Avert Labs maintains one of the top-ranked security threat and research organisations in the world. Avert Labs employs researchers in seventeen cities and twelve countries around the world. McAfee Avert Labs combines world-class malicious code and anti-virus research with intrusion prevention and vulnerability research expertise.


About McAfee, Inc.

McAfee Inc., the leading dedicated security technology company, headquartered in Santa Clara, California, delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector, and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter