Morphing malware and phished social networks will increase in 2009.
MessageLabs has issued its 2009 security predictions and believes that Web 2.0 will provide an environment for contextual malware, where multiple dynamic data streams will be consolidated to create a malicious environment from a number of diverse, unrelated sources.
It also believes that ‘Malware-as-a-Service' will emerge to allow cybercriminals to request the type of malware they are seeking from an automated system and have it delivered instantaneously.
As social networking spam continues to be phished, MessageLabs believes that this will become much more professional with a goal of collecting as much personal information and information surrounding a person's social network as possible, to enable highly targeted and personalised spam.
The company said that in 2009, spam will include proper names and will be segmented according to demographic or market. These same messages will be shorter with less content to filter and some will resemble legitimate newsletters and other special offers.
Elsewhere, it believes that phishing attacks will focus on exploiting vulnerable DNS domains and websites, and less on the traditional approach of hosting the easier-to-spot typo-like domains. In the same vein, Nigerian style 419 attacks will become harder to recognise at first glance, as the messages will contain only one or two sentences, rather than the rambling prose that has typically identified such scams.
MessageLabs said that the true nature of the scam will be revealed slowly, as the target is invited to reply to find out more about the ‘business opportunity' offered. Additionally, scammers will also make greater use of email attachments to convey their messages with more detail, enabling the scam to bypass traditional anti-spam filters.