Small businesses, government organizations and even online gamers were targeted last month by cybercriminals, new data shows.
Conducted by GFI Software, the study examined the most prevalent threat detections encountered in January, which included phishing emailsaimed at small business owners. The emails posed as notices from the Better Business Bureau and claimed a customer had filed a complaint against the recipient, but the notes actually contained links to malware created with the Blackhole exploit kit.
A number of government organizations were targeted by spoofed messages from the United States Computer Emergency Readiness Team, while gamers looking to score pirated release games fell victim to several different attacks that offered bogus beta invites in return for filling out surveys and recommending links on Facebook and Google+.
Chris Boyd, senior threat researcher at GFI Software, said anyone on the Internet is a potential target for cybercriminals looking to infect systems and scam users.
"They purposefully cast a wide net when picking their methods of attack in order to reach as many targets as possible," Boyd said. "Whether you are a young gamer, a successful business owner or a government employee, you need to be wary when clicking on links that appear to pertain to your interests, especially when asked to submit personal information online."
Malware writers and Internet scammers also sought to attack a wider cross-section of the population by creatively piggybacking on hot news topics and highly trafficked websites. An example is the shutdown of the file-hosting website Megaupload, which led to a domain typo scam targeting both regular users of the website and visitors interested in seeing the FBI notice posted on the site. Once victims reached the misspelled URL, they were redirected to various sites promising fake prizes and seeking personal information.
"While cybercriminals may not be picky about their choice of victims, their choice of tactics is anything but haphazard," Boyd said. "Cybercrime campaigns are designed to cripple systems and steal personal information."
Chad Brooks is a Chicago-based freelance writer who spent 10 years working as a newspaper reporter before working in public relations. You can reach him at firstname.lastname@example.org or follow him on Twitter @cbrooks76.