Report: Cybercriminals Favor Web Browser Attacks

The good news, which might provide significant hope, is that computer users are finally refraining from opening attachments connected to unsolicited e-mail.

Because of that, according to Sophos, hackers are moving away from the devious practice of using those attachments as conduits for virus attacks. Sophos said it found only one e-mail for every 337 was infected in 2006, while one in 44 were infected in 2005.

Heeding Warnings

The figures prove that repeatedly warning people about something can eventually work, according to Ron O'Brien, a senior security analyst for Sophos.

"The single most effective defense that the public can aspire to is education," O'Brien told TechNewsWorld. "We see that in the e-mail space. The typical user is not as likely to click on an attachment in an e-mail from an unknown source. That's taken a number of years to become a common practice."

The bad news documented in the Sophos report is that the criminals didn't give up. As the effectiveness of infected e-mail declined, the hackers began focusing their nefarious efforts on Web browsers.

"E-mail will continue to be an important vector for malware authors, though the increasing adoption of e-mail gateway security is making hackers turn to other routes for infection," Sophos explained. "The number of Web sites being infected with malware is on the rise."

The report says the United States tops the list of nations having computers that are both spewing e-mail spam (much of which contains URLs that link to fake Web sites that download malware) and hosting bad Web sites. Sophos said 34.2 percent of the systems doling out Web-based infection are in the United States. China is a close second, at 31 percent.

Danger Remains

While it's good that people aren't clicking as often on e-mail attachments, the danger posed by clicking on spammed URLs or browsing the Web with unprotected computers is significant. Merely visiting a bad site is all it takes to infect a PC, O'Brien noted. "All you have to do is click on it," he said.

"There is a phenomenon that occurs when a person is browsing the Internet in which they let down their guard much more so than they would if they were in a public place," O'Brien added. "In looking at the Internet as a marketplace, we are recognizing that, in order to continue its effectiveness as a vehicle for criminal activity, the criminals had to find another way to get information from you. The avenue they chose is Web sites."

Sophos is finding 5,000 to 7,000 new bogus sites per day, he claimed.

Big Money

General Web browsing is becoming more risky, agreed Natalie Lambert, a senior analyst with Forrester Research. "I think malicious code writers are really refocusing their efforts on ways to infect as many computers as possible in the shortest amount of time," she said. "There's a lot of money to be made in creating malware these days."

While unfriendly hackers in the past might have done it for thrills or notoriety, dollars are the big motivation these days, Lambert added.

"Now, millions of dollars are to be made, whether that would be getting credit card numbers or, on the corporate side, getting corporate secrets. They're just infecting as many machines as possible to get credit card numbers and other confidential information," she concluded.

Both O'Brien and Lambert said the key, again, will be education. The lesson: Protect computers as much as possible with up-to-date virus, spam and malware shields.