- Cyber criminals are spending less effort on trying to exploit vulnerabilities in Windows systems, and are turning instead to other platforms, particularly those used on mobile devices. This probably reflects both the efforts made, by Microsoft and others, to improve Windows security, and the rapidly increasing popularity of mobile technology. Third=-party mobile apps have become a popular attack vector.
- One bit of good news: overall Internet spam volume is down, for the first time ever, although there are some specific areas where spam is continuing to increase.
- Social engineering is still a big part of many successful exploits, especially using sex appeal, greed, vanity, trust, sloth, compassion and urgency.
- Cyber criminals are increasing their efforts to recruit “money mules”: gullible people who will open bank accounts, or use their own accounts, to help the Bad Guys “cash out”.
The report also contains some interesting discussion on the most lucrative targets, and how they might be better defended.
Update Friday, 21 January, 12:40 EST
ThreatPost, the security news service from Kaspersky Labs, also has an article on the Cisco report.