Report cites U.S., Canada as malware attack focus

Look from Welsense at last year's trends sees social-networking becoming main malware targets

In its annual review of global security threats, Websense says a major trend it observed last year is that more malware connections, hosting and phishing appear to be occurring in the United States and Canada.

Facebook scammers host Trojan horse extensions in the Chrome Web store

"50% of malware connections lead to the U.S.," says Charles Renert, vice president of Websense Security Labs. According to the 2012 Websense Threat Report, Canada's malware ranking has also zoomed upward in the past year, so the country now clocks in at No. 2 at 13.2%. The countries in the top five ranking include Germany at 5.4%, the Netherlands at 4.9% and China at 4.1%.

China and Russia used to be much bigger in the rankings, according to Websense, but since organizations have been more often blocking IP ranges for these countries, cybercriminals have turned to getting malware closer to their victims by exploiting trusted networks, such as social-networking sites.

The Websense report says the U.S. is the top country at 36.3%, followed by Russia at 14.7%, France at 13.2%, Germany at 7.0%, and Singapore at 3.4% in a tally of the top five where malware hosting occurs. The top five countries for phishing are said to be the U.S. at 59.9%, followed by Canada at 9.8%, Egypt at 6.8%, Germany at 2.3% and the United Kingdom at 1.8%.

"It's all about social engineering and the lures," Renert says.

Social networks such as Facebook, Twitter and Google have become prime targets for malware attacks of all kinds on their users, he notes. A commonplace example is the "video lure" to a compromised site, which is a type of attack increasing on Facebook, he notes.

"Having more than six out of 10 malicious web sites on compromised hosts is unacceptable to a society that is moving to the cloud as a backbone for commerce, communications and culture," the report says.

While the threat report is a summary of perceived trends that dominated 2011, Websense is also venturing out with predictions for the future. Perhaps not surprisingly, one of them is that "Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social media credentials in online forums."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies