As a new year approaches we must prepare for new Internet security threats. Every year, new and innovative ways of attacking computer users emerge and continue to increase in volume and severity. To know where we are going it is helpful to look at where we have been. Finding trends in Internet security has become a valuable, if not necessary, action for companies developing software to protect computer users.

Attacks have increased in sophistication and are often tailored to their specific victim. Trend tracking has shown that in 2008, the Web has become a primary conduit for attack activity. According to Symantec’s Top Internet Security Trends of 2008, attackers have become more difficult to track as they have shifted away from mass distribution of a small family of threats to micro distribution of large numbers of threats.

2008 Trends

Spam and Phishing

This may be the most well known form of computer breaching, and yet it is still the healthiest and fastest growing of attacks. In 2004, Bill Gates predicted that spam would be resolved in another two years. In 2008, we were seeing spam levels at 76 percent until the McColo incident in November 2008, at which time spam levels dropped 65 percent. The battle with spammers has turned into an all out war and spammers are showing no sign of surrendering.


Spammers take advantage of current events, such as the presidential election, Chinese earthquake, Beijing Olympic Games and the economy. They use these widely socialized issues as headlines to lure people into clicking on a link to malware or sending money for unrealistic charitable campaigns. Social networks are only feeding the beast by making it easier for spam attacks to propagate quickly through a victim’s social network.

Phishing walks hand in hand with spam as it utilizes current events to make their bait more convincing. Another phishing tactic particularly recognized over the last year is by offering users a false sense of security by targeting .gov and .edu domains. Although cybercriminals cannot register domains under these domains, they find ways to compromise the Web servers to grant them control. Once control is gained, it becomes harder to fix because the domain cannot be simply deactivated. Lengthy measures are taken to have the company remove the compromised page from their website and secure their servers. The time it takes to make these changes allows the phished page to remain active and hit more victims.

Fake and Misleading Applications

Fake security and utility programs aka “scareware” promise to secure or clean up a user’s home computer. The applications produce false and often misleading results, and hold the affected PC hostage to the program until the user pays to remedy the pretend threats. Even worse, such scareware can be used as a conduit through which attackers install other malicious software onto the victim’s machine.