Former Administrator
Posts: 8,592
Location: US
Views: 898
Message 1 of 5

Discuss - what do you see as the largest emerging online malware / security threat today?


To our panel of experts...


What do you see as the biggest malware / security threat facing most users today?  Is it phishing?  Or trojan downloaders or fake Facebook apps, or fake antivirus programs, or just what?

Corrine Microsoft MVP
Posts: 66
Location: Upstate, NY
Views: 883
Message 2 of 5

Re: Discuss - what do you see as the largest emerging online malware / security threat today?

Hi, Mark. 


I'll go with "or just what".  ;)


Seriously, although still an ongoing problem, education has made significant leeway in reducing phishing attempts.  Improved spam filters have also helped reduce phishing attempts.


Fake antivirus programs (rogues) became prominent around 2005 (remember names like SpyAxe and SpySheriff from the "SmitFraud" family?).  Since then there have been hundreds of rogues, many malware writers merely re-naming the previous iteration and missing changes to the GUI (graphic user interface) that presents the fake, "your computer is infected" warning. I've noticed a decided decline in rogues since around May of this year.  Rogues remain a serious problem.  However, when new rogues were showing up daily, it was more difficult for security programs to keep up with updated definitions to detect them. 


Fake antivirus programs can also be classified as trojan downloaders (downloading malicious files from a remote server followed by installing and executing the files).  Many of the recent variants have taken on a more serious aspect, often including a rootkit component.


Tip:  If you ever run into one of the fake/rogue antivirus programs, do not click anywhere on the window -- this includes Cancel or the X to close.  Instead, use the keyboard shortcut Alt+F4 until all windows are closed.  Follow with an updated antivirus/anti-malware scan.  


So, after the above discourse, what do I think is the biggest threat today?  Java and Flash exploits.


Now, let's see what the other panelists think. 

Microsoft MVP, Consumer Security
Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!
Security Information and Malware Removal @LandzDown Forum
Lenovo Technology Partner
Posts: 12
Location: Pennsylvania, US
Views: 881
Message 3 of 5

Re: Discuss - what do you see as the largest emerging online malware / security threat today?

Actually, IMHO, there are several threats deserving of mention, and it is hard to pin one down as being the "worst":


1.  Spam - the greatest danger of spam, aside from the annoyance factor, is that it is clogging up the Internet with its sheer volume.  Today, it represents about 50% of all the volume of the Internet.  Tomorrow, or next year, it will become even a greater percentage of the volume.  Whether we realize it or not, that costs everyone, other than the spammers of course, money for maintaining and growing the technical capacity of the Internet backbone.  And, it is a lot of money being spent just to effectively let those delightful people populate your mailbox or favorite forum with their garbage.


2.  The commercialization of malware.  Do you realize that if you look hard enough (and I am not going to tell anyone how to do that), you will find several completely illegal sites on the Internet where you can purchase malware "kits".  What this means is that it is no longer completely necessary for a malware criminal to actually have some technical knowledge to release malware into the wild.  It still requires some knowledge, but no way nearly as much as it used to be.


3.  Phishing.  These days my email is clogged up with phishing attempts.  I get email from such places as the IRS, the Federal Reserve Board, the FBI, the Secret Service, Interpol, my bank, your bank, etc., all telling me that my refund, funds transfer, bank account, etc., requires some action.  Look behind it and you find that the email originates from some completely unlikely source.  Someplace like Russia, the Ukraine, etc.  It might look legitimate, but it isn't, it is a complete fraud and should be deleted immediately.


4.  The unwillingness of some governments and ISPs to crack down on criminal activities.  And, in some cases, actually be completely supportive of those activities.  Turn your country into a haven for crooks, and guess what?  The crooks will come.  Furthermore, even those governments that try to fight Internet criminals, take so long to develop a case, or it requires such international cooperation, that it is ineffective in fighting the current exponential growth of crime.


5.  Ourselves.  Believe it or not we are also a major threat to the Internet.  Our gullibility, willingness to be cheated, our sheer greed makes a fertile environment for crime to grow.  If it weren't for us, crime on the Internet couldn't survive.


I think that's a good start for a list of the "worst" threats.




Don't Read? Can't Learn!
Lenovo Technology Partner
Posts: 10
Location: PH
Views: 678
Message 4 of 5

Re: Discuss - what do you see as the largest emerging online malware / security threat today?



For me I think FakeAV will continue to be one of the security vendors' headaches -- just like spam.  The bad guys earn a tremendous amount of money with this technique so I don't think they will stop anytime soon.


For the "emerging threat" I think it will be threats for mobile devices since almost all new gadgets can now be connected to the Internet -- which makes it more vulnerable to attacks.





Community SeniorMod
Posts: 3,067
Location: US
Views: 609
Message 5 of 5

Re: Discuss - what do you see as the largest emerging online malware / security threat today?



Corrine and  had some excellent answers about the biggest threats today, so I am not sure how much more I can add, but let's see:


  1. As operating systems and applications become more secure, criminals are going to target victims through social engineering mechanisms.  There are many different ways to do this and they occur in many different forms.  Because the industry has done a great job of explaining the threat posed by malware, Fake AV programs rely on exploiting that awareness and tricking the user into purchasing something which has no benefit.  Phishing scams request personal and/or private information, trying to convince users to part with information that can be used to steal their identity, or access the various online accounts used for email, banking, gaming and so forth.  Quite a few people do not realize their web-based email service may keep an archive of all their messages.  That includes messages from banks, credit card companies, online stores and other services which may allow a criminal to siphon funds or purchase items using your money.  On social networking sites like Facebook this can be amplified, as people have a higher level of trust for messages coming from friends.

  2. On the malware side, the problem continues unabated.  What twenty years ago ranged from pranksterism to damaging behavior has become a burgeoning black market industry with multiple layers of specialization as well as cross-connections with other organized crime.  Malware is so economically focused now that it is cause for news when a particular threat does not have any financial motivation behind it.  Criminals can make a lot more money with a lot less risk by using keyloggers to steal bank account passwords than robbing a branch.


As far as specific technologies go, let's see what I can come up with:


  1. I expect we are going to see more malware targeting 64-bit operating systems as that's the direction the industry is moving in on desktops and even notebooks. While quite a bit of 32-bit malware works just fine under 64-bit versions of Microsoft Windows [just like other 32-bit apps, after all], the 64-bit versions of Windows have some additional safeguards in them to prevent special types of programs like device drivers which interface with the system at a lower level and have greater privileges from running without a valid digital certificate.  Therefore, I expect to see more components like bootkits be deployed, which are intended to bypass these protections in the operating system.

  2. The trend in using encryption to secure web connections and to digitally sign programs in order to allow them to run means that criminals are going to target the certificates, used to safeguard those connections and files, as well as the folks who own those certificates and those who create them. "If everyone starts locking their doors we'll just start stealing keys." seems to be the response, although targeting certificate authorities (the organizations responsible for issuing digital certificates) is a bit more like going after the company which makes the blank keys and key-cutting equipment.

  3. In addition to malicious software such as bots, worms, Trojans and even venerable computer viruses, we are going to see more "grey areas" as well.

    This includes applications which are potentially a threat because they can make changes to a system that undermine its safety, security and reliability; spy on user activity; make exaggerated, unsupported and unverifiable claims about their effectiveness; are distributed through pay-per-install commission scams; repackage orphaned software and re-sell it; introduce advertisements, toolbars and other unwanted software; change web browser settings and so forth.

    ESET, like many other vendors, breaks these down into two broad categories, Potentially Unwanted Applications and Potentially Unsafe Applications (both abbreviated PUA, unfortunately), with the former lending themselves to deceptive practices while the latter being tools with legitimate uses that are being misused.  Other vendors may use classifications such as adware, crapware, fraudtools, hacktools, pests, potentially unwanted programs, riskware, spyware, trackware and so forth.  I wrote a white paper last year called Problematic, Unloved and Argumentative [PDF, 983KB] on this, and am in the process of revising, since so much has changed since then.

Hopefully, I have answered your question without trivializing or overexaggerating things too much.  The general trend I have seen over the past decades is one of things getting worse, but there are a few spots of brightness.  Both the US Government and Microsoft have had some success in shutting down botnets and fraudulent web sites this year, and journalist Brian Krebs is amongst the people doing some great research into the underpinnings of the criminal ecosystem, so I think there is some hope that things will improve in time.




Aryeh Goretsky



I am a volunteer and neither a Lenovo nor a Microsoft employee.
