Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

F-Secure Q3 Security Threat Summary: Social Media Continue to Attract Criminals

F-Secure reports on major security developments, including leaner and more secure operating systems, the growing importance of safe search results, cybercriminals exploiting social networking websites and celebrity deaths and the re-emergence of past mobile threats.
  • 01 October, 2009 16:10

<p>F-Secure today released its Third Quarter 2009 Security Threat Summary. One of the notable trends during the quarter was a shift to leaner and more secure operating systems. Broadband Internet access continues to increase, but computing resources have not kept pace with software demands.</p>
<p>As a result, lighter software and optimised performance have become a focus for the software industry. The August release of Mac OSX Snow Leopard was already evidence of this trend, and also included antivirus software to protect against trojans. Microsoft’s soon to be released Windows 7 operating system is also set to be leaner and more secure than its predecessor, Windows Vista, whose insistent user access control feature actually prompted many users to turn it off completely – a potentially unsafe situation. Google announced that it is developing the forthcoming Google Chrome OS using minimalist design principles since most of the applications running on the new OS will be hosted on the web.</p>
<p>More secure browsing</p>
<p>During the third quarter, Firefox introduced its new private browsing feature, and released Firefox 3.5.3, which introduced a notification feature for outdated versions of Adobe Flash Player in an effort to reduce security vulnerabilities often created when users don’t keep this software up to date.</p>
<p>Search engine competition is good for security
On the search engine front, Microsoft and Yahoo! agreed to replace Yahoo!’s search engine with Bing. Microsoft hopes to compete with Google by offering unique features in Bing, such as adult content filtering. Safe search results are now an important feature for consumers. The deaths of Michael Jackson, Farrah Fawcett and Patrick Swayze were quickly exploited by criminals through search engine optimisation attacks, which often pointed people to rogue antivirus products. The H1N1 flu has also been used as an emotional "hook" to lead Internet users to scam sites.</p>
<p>Social media and networks under attack</p>
<p>As Facebook reached 300 million accounts in September, social media and social networks have continued to attract criminal and political interest. Personal networking connections offer trusted authentication, which criminals abuse by compromising user accounts and linking to malicious sites. F-Secure reminds Internet users about the importance of strong passwords, and that Facebook passwords should be different than passwords associated with the e-mails used to log into Facebook.</p>
<p>In August, news emerged that Twitter was used to direct botnets. Twitter accounts are also being used to push rogue AV products.</p>
<p>Politically motivated DDoS attacks</p>
<p>Also in August, a Georgian blogger’s Twitter, Facebook, LiveJournal, Google Blogger and YouTube accounts were jammed by a politically motivated DDoS attack, as reported by Elinor Mills on CNET.</p>
<p>In another coordinated DDoS attack during Malaysia’s National Day on August 31st, hackers targeted a Malaysian-based web host and defaced more than 100 websites, including those belonging to Malaysia’s national institutes, universities, media and businesses.</p>
<p>Mobile threats make a comeback</p>
<p>In the world of mobile phone security, this quarter witnessed the re-emergence of the SMS worm, Yxe (also known as Sexy View) – this time in the form of Sexy Space, which behaves much like its predecessor. The new variant, Yxe.D, is again Symbian-Signed, but with a certificate from a different company in China than the earlier version.</p>
<p>The old “missed call scam” is also making a comeback. The scam involves a call from an unknown international number, which is immediately dropped when answered. When the curious person calls the number back, she hears a busy tone audio file, when in fact the call is being charged at a premium rate. F-Secure recommends a Google or WhoCallsMe search on unusual numbers before returning unknown calls to avoid nasty surprises in the phone bill.</p>
<p>To read the full Threat summary, please visit</p>
<p>F-Secure – Protecting the irreplaceable</p>
<p>While you concentrate on what is important to you, we make sure you are protected and safe online whether you are using a computer or a smartphone. We also backup and enable you to share your important files. Our services are available through more than 200 operators around the world and are trusted in millions of homes and businesses. Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.</p>

Most Popular

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Media Release

More media release

Market Place