One in 78 links sent via Instant Messenger is now to malicious content
by Michael Smith (Veshengro)
According to findings by the security company MessageLabs 1 in 78 links sent via instant messaging (IM) programs is to malicious content, and it does not matter, it would seen, which service is being used.
The company said this was an increase of 78 per cent over the past six months.
Paul Wood, intelligence senior analyst at MessageLabs said the increase in threats was down to hackers breaking through Captcha technology. And you all thought that was a safe way, didn't you.
This technology, which involves the user having to read a distorted image of a word and enter that text correctly, is often used when people register for an IM account.
“Bypassing Captcha technology enables the bad guys to create large numbers of fake but valid online accounts", said Mr Wood. "
These are used by spammers to send malicious links via IM that redirect victims to spam websites and sometimes compromised websites.”
The report also found that levels of spam, or junk email, were unchanged since May, remaining at 90.4 per cent. The company said this was largely due to the several hours during which Cutwail, one of the largest and most active botnets, was inoperative following the shutdown of California-based internet service provider, Pricewert LLC on 5 June, 2009.
It must also be said, though, regardless of the fact that so many spammers and malicious accounts are being set up on IMs users especially also must learn to be more vigilant. In addition to that, if using, say, Twitter, then there are is great piece of technology available free from Finian, another security firm, to install into your browser that will check all links sent.
On IM the best advice is that if you do not know the person then do not accept any links for him or her. As simple as that. Do not be open to anyone and everyone to add you as a contact. Make sure first that you know the person and, above all, have good anti-malware software installed on your PC and maintain good OpSec.
© 2009
<>