Some 81 per cent of respondents to a poll have said that Facebook posed the biggest security threat of all social networks – up from 60 per cent in 2010. 

As Facebook holds so much personal information on users, scam attacks have been severe in 2011. The scams include cross-site scripting, clickjacking, bogus surveys and identity theft, said IT security and data protection firm Sophos in a report.

Social media threats have sharply escalated while mass scale email-focused attacks are diminishing, the report said. 

The report also said that fake anti-virus and search engine poisoning have become more commonplace and, since the beginning of 2011, on an average 150,000 malware samples have been identified every day. 

This equates to a unique malware file being created every half-second, a 60 per cent increase since 2010, the company said in its Mid-Year 2011 Security Threat Report.  In addition, around 19,000 malicious website addresses (URLs) are now identified daily, with 80 per cent of those URLs being pages on legitimate websites that have been hacked or compromised.

High-profile hacking attacks against governments and corporations have dominated the security landscape in 2011. The result is that other security issues which could pose a greater threat to businesses, governments and consumers – such as fake anti-virus, search engine poisoning and social networking scams – have received less attention. With a new unique malware threat seen almost every half second, it's vital for businesses to build the proper defences.

“2011 has seen a continued massive increase in the volume of malware in which the Web is the dominant vector for both targeted and mass-scale attacks,” said Mark Harris, vice president of SophosLabs. 

“The virulence of attacks such as fake anti-virus requires a prompt move by IT organisations and consumers to employ more layered Web protection and defences to reduce the attack surface of the devices they use.” 

The Sophos Mid-Year 2011 Security Threat Report focuses on new types of threats that have dominated the information security landscape since the start of 2011.  The report also offers advice on how organisations can properly defend themselves against the new wave of malware and scams. Key threats identified in the report include search engine poisoning, also known as Black Hat SEO, which is on the rise, threatening businesses of all sizes. 

Cybercriminals manipulate search results from Google, Bing and Yahoo to lure web surfers to malicious pages.  These criminals usually hijack key words relating to breaking news or other popular search terms. 

Hackers redirect users to malicious sites that place viruses, worms, Trojans or fake anti-virus software on computers.  Search engine poisoning attacks are extremely effective, and account for more than 30 per cent of all malware detected by Sophos’s Web Appliance (SWA).  - TradeArabia News Service