Malware Dramatically Increasing; Almost All Users Have Clicked on Malicious Links

  • By Dian Schaffhauser
  • 09/02/08

Web security services firm ScanSafe reported that the total number of Web-based malware blocks has increased by 87 percent in July 2008 compared to the previous month. Specifically, the first two weeks in July have shown an extraordinarily high volume of malware blocks. ScanSafe sells online security services, which scan Web requests from its customers and blocks malicious content.

The company said the increase in Web-based malware was driven by the ongoing compromise of Web sites, which represented 83 percent of all malware blocks for the month. The increase was largely the result of the continued SQL injection attacks, which were responsible for 75 percent of all malware blocks in July 2008. As a result, July has had an overwhelming number of malware blocks--34 percent more blocks than the whole of 2007.

"In June 2008 we reported a 278 percent increase for the first six months of the year. That alarming trend has continued with the number of Web-based malware blocks exploding in the first two weeks of July," said Mary Landesman, senior security researcher at ScanSafe.

July 2008 also saw an increase in social engineering e-mail scams designed to install malware--including backdoor Trojans and rogue scanners--on victims' computers. According to the report, 95 percent of ScanSafe customers fell for the scams and attempted to click through to the malicious sites. The malware scanning service blocked customers from inadvertently getting to the malicious content.

"Although this may not seem like a high percentage, it is extremely significant given that these scams are now able to get past spam filters, which typically provide a high level of protection from this type of socially engineered malware," Landesman said. "It is disconcerting that cyber criminals are becoming increasingly sophisticated in creating these scams, so much so that more and more people are falling for them."

The ScanSafe "Global Threat Report" (PDF) is based on an analysis of more than 10 billion Web requests the company scans each month on behalf of business customers in over 60 countries across five continents.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • glowing digital brain interacts with an open book, with stacks of books beside it

    Federal Court Rules AI Training with Copyrighted Books Fair Use

    A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.

  • server racks, a human head with a microchip, data pipes, cloud storage, and analytical symbols

    OpenAI, Oracle Expand AI Infrastructure Partnership

    OpenAI and Oracle have announced they will develop an additional 4.5 gigawatts of data center capacity, expanding their artificial intelligence infrastructure partnership as part of the Stargate Project, a joint venture among OpenAI, Oracle, and Japan's SoftBank Group that aims to deploy 10 gigawatts of computing capacity over four years.

  • laptop displaying a phishing email icon inside a browser window on the screen

    Phishing Campaign Targets ED Grant Portal

    Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal.