Sophos's officials also said that in 2008, organized criminal gangs tripled their attacks against websites, injecting malicious code to infect visiting home users and businesses. 2008 also saw an increase in efforts by hackers to pose as legitimate anti-virus vendors, creating new professional-looking websites and applications every day with the intention of scaring users into believing that their computers have been compromised. On average, Sophos identified five new scareware websites every day, with the figure peaking at over 20 per day on occasion.
The report also documents a rise in hackers spamming out malicious attachments, designed to compromise PCs in order to steal identities, money and resources. By the end of 2008, Sophos was tracking five times more malicious attacks arriving through files attached to emails than at the start of the year.
Like Finjan, Sophos said Web 2.0 applications, such as Facebook, continue to be of interest to spammers and malware who break into users' accounts to take advantage of trusted social networks, and send spam and malware.
"The last year proved beyond doubt that Internet hacking gangs are organized like never before, often working across borders to steal money and data from unsuspecting users. The volume of attacks has increased, with hackers using automated systems to break into vulnerable websites or generate new variants of their malware," said Cluley. "People need to wake up to the reality that the completely legitimate website they are visiting could be harboring a dangerous malware infection planted by hackers. As we enter 2009 we are not expecting to see these assaults diminish. As economies begin to enter recession it will be more important than ever for individuals and businesses to ensure that they are on guard against Internet attack."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.