Security Advice for 2010: Trust No One

Not everything is at it appears. While this should be a no-brainer for anybody venturing onto the Web, this little piece of advice will pay higher dividends in the new year, according to security experts, who say cybercriminals are increasingly preying on people's misplaced trust in each other and popular Web sites. This advice applies especially to hot technologies, such as social networking and smart phone users, but also anybody who uses search engines, clicks on Internet ads, or sits in front a Mac they thought was safe.

Social networking Web sites such as Facebook, MySpace, Google Wave, and Twitter will become major focuses of cybercriminals looking to spread malware and steal sensitive data. That's the prediction of many major Internet security firms, including McAfee Labs and Websense Security Labs.

McAfee Labs, which published its 2010 Threat Predictions report in late December, suggests that users of Facebook and Twitter are especially vulnerable because they put too much trust into the systems, the underlying technology, and other users.

For example, the use of abbreviated URLs on Twitter makes it easier for cybercriminals to mask and direct users to malicious Web sites, the security group notes. Similarly, on Facebook, McAfee fears that rogue software writers will take advantage of "friends trusting friends" to get users to click on links they might otherwise treat cautiously.

The protective blanket of anonymity enjoyed by non-mainstream (i.e., non-Windows) platforms such as Mac OS and Linux will be a little thinner this year, thanks to a new generation of cross-platform malware enabled by technological advances, such as enhancements in HTML 5, McAfee Labs predicts. Google's Chrome OS will also do much to further the democratization of cyber threats. itjungle