Malware targeting social networks appears to be the latest growing threat to mobile security. With people being “always connected” on mobile devices, and often not a full screen to easily see URL’s and click through destinations, it’s no surprise that mobile devices are appearing as the first device users are responding to threats with.
According to security software provider, BitDefender, a recent large-scale Facebook scam promising to show users a girl’s Facebook status which got her expelled from school generated 28,672 clicks, 24% of which originated from mobile platforms. Users who clicked on the link — whether on their PC or mobile device — downloaded a Facebook worm and fell victim to an adword-based money grabbing scheme. While this particular scam didn’t result in direct malware or a fraud scheme, it does illustrate the dangers as clicking on links so freely can often result in much worse things.
“When data security researchers focus on finding malware specifically designed for mobile platforms, they lose sight of an important mobile platform threat source — the social network,” said George Petre, BitDefender Threat Intelligence Team Leader. “Statistics indicate that malware targeting social networks may be the biggest current threat for mobile devices.”
Social Media Networks such as Facebook and Twitter to continue to post a threat to businesses across the board. In 2010, Panda Security reported that one third of small-to-medium-sized businesses (SMBs) experienced a malware or virus infection via social networks through July, and 23 percent actually lost sensitive data via these networks, according to Panda Security’s first annual Social Media Risk Index.
LinkedIn users have also been a target of several attacks, including a massive-scale attack in October 2010, when users of the popular business-focused social networking site began receiving emails with a fake contact request containing a malicious link.
PCs are no longer being the dominant form of computing and threats targeting the smartphone and tablet markets top the list of cyber concerns in 2011, according to several recent reports. Respondents to a 2010 Mobile & Smart Device Security Survey recognize the quickly growing world of connected smart devices and acknowledge that device security problems are not only inevitable, but serious.
Terry Cutler, a Certified Ethical Hacker and regular SecurityWeek contributor, says that more people are flocking to their smartphones and tablets, leaving their notebooks behind and that attackers are certain to try to profit from this trend. “There’s seemingly no end to the productivity gains from smartphones and tablets. With the anywhere access to email, applications, and data, workers are using their devices to do everything from staying in touch with co-workers on social networks to accessing and adding data to their CRM applications. Where people go, attackers follow,” Cutler writes. “We’re already seeing malware specifically designed to attack mobile devices. Although such malware is not a dire threat now, in the months and years ahead it most certainly will be. While such attacks are specific to mobile phones and some tablets, expect the same types of attacks that have plagued PCs for years to also hit mobile devices—namely, viruses, spyware, worms, and Trojans—designed to snoop, steal, or destroy data.”