In 2008 researchers from the University of California at Berkeley and San Diego posed as spammers, infiltrated a botnet and measured its success rate. The investigation confirmed only 28 “sales” on 350m e-mail messages sent, a conversion rate under .00001%. Since then, says Mr Peterson, the numbers have got worse.

Given how good my Gmail account is at filtering out spam and assuming that other email software is rising to that standard, I’m not surprised that the conversion rate is so low. So what are spammers doing now?

Well, Twitter seems to be a breeding ground in rude health:

…researchers from the University of California at Berkeley and the University of Illinois at Champaign-Urbana show that 8% of links published [on Twitter] were shady, with most of them leading to scams and the rest to Trojans.

And I suspect we’ll see Facebook become an increasingly important launching pad for similar threats. The security arms race continues.

Happy holidays, dear readers!

First, which browsers are the most common these days? Wikipedia has a useful summary of browser usage statistics collected from various sources. The summary statistics look a little off to me (even after considering the note at the bottom of the table), but you get the basic idea: Internet Explorer and Firefox are running away with it.

Security Update

Internet Explorer 6 remains a hopelessly dangerous browser, but I’ve been impressed by Internet Explorer versions 7 and 8. If you haven’t yet upgraded, do so now.

I wanted to update previous comparisons (see here, here, and here) between the two most prominent browsers, but Secunia, the security consultancy I had been getting figures from, now advises against using its statistics for comparison purposes because of the way it reports them.

Fair enough, and it wouldn’t hurt to go to a second source. I recently ran across a report by NSS Labs, which mentions that “53% of malware is now delivered via internet download versus just 12% via email, while IFrame exploits and other vulnerabilities comprise 7% and 5%, respectively…” (If you’re wondering, IFrame exploits are just another flavour of attack aimed at web browsers.)

Check out the report summary, which has two very interesting graphs. It looks like Internet Explorer 8 is beating Firefox (and other browsers) by a wide margin when it comes to protecting against “socially engineered malware” (links that lead to infected downloads), while the two leading browsers provide about the same amount of protection against phishing attempts.

The categories with the worst maximum risk profile were lyrics keywords (26.3%) and phrases that include the word “free” (21.3%). If a consumer landed at the riskiest search page for a typical lyrics search, one of four results would be risky.

What makes a webpage dangerous?

• Risky downloads—Downloadable files that contain viruses, spyware, or adware or make unrelated
  changes to the downloading computer
• Browser exploits—Also known as a driveby download, this type of malicious code enables viruses,
  keystroke loggers, or spyware to install on a consumer’s computer without consent and/or knowledge
• Email practices—Registration forms and other sign-ups that result in high volume email, highly
  commercial email or both. We also test for difficultly unsubscribing.
• Phishing—Scam sites that try to trick visitors into believing the site is legitimate
• Excessive popups—Sites that engage in aggressive popup behavior or display large numbers
  of popups
• Linking practices—Sites that aggressively link to other red- or yellow-rated sites

The report, by McAfee, mentions that hacking for profit has overtaken hacking for fame. I suspect that is why we no longer worry about viruses that will wipe our hard drives clean — the tactic is attention-getting, but is unlikely to be profitable to anybody. Today, viruses that collect information about our computing habits and personal lives are the primary threats.

But seriously, remember when all you had to worry about was some dork impressing his friends with some virus named after a girl that kneed him in the balls last week? That was a more innocent time.

Today, viruses have come of age. And they’re not even called viruses anymore. The biggest problems today are spyware and adware. The trouble with viruses was that their sole object was to penetrate your computer, then destroy it. That didn’t make anybody rich, though, because good parasites don’t kill their hosts.

The most sinister and pervasive threats have morphed into commercially propelled vehicles for privacy extraction with a view to profit. These days, when I look at a friend’s computer that has slowed and showed signs of derangement from infection, I don’t find a lot of viruses. But I find boatloads of spyware and adware (and that’s a metric boatload, not one of those sissy imperial boatloads).

So be aware of the threat you face now. A new enemy requires new tactics–this means your anti-spyware and adware programs are more important than ever. I previously recommended Spybot and Adaware for the newly important jobs – read my review of both and find out how to get them (they’re free, of course).

Google, by partnering with the StopBadware Organization, has begun to issue warnings when users click on search results that lead to dangerous websites.

StopBadware keeps a list (so far it appears to be quite limited) of user-submitted websites that are known to host spyware, adware, and other malware. After receiving submissions, the organization analyzes the purported malware using a list of seven categories of bad behaviour that help to identify malicious software.

This list includes:

…deceptive installations, unclearly [sic] identification, causing harm to other computers, modifying other software, transmitting user data, interfering with computer use, and being difficult to uninstall completely.

You can see one of the warnings in action by doing a search for “seriall” and clicking on the first result (SeriAll.com is a website that publishes serial numbers for pirated software). After clicking on the link, you should see a screen similar to the one shown at the top of this post.

Will Google and StopBadware prevail?

Most solutions to this problem, such as downloadable antispyware scanners, are reactive rather than preventative. They help minimize the damage from malware that has managed to nestle into a user’s computer, but do little to prevent the installation in the first place.

Preventative initiatives like Google’s have the potential to greatly decrease the harm and reach of malware. Many websites, including those that deal in malware, depend on search engine results for a good number of their visitors; if this source of internet traffic dries up, malware providers will need to look elsewhere for their victims.

Still, let us hope the execution of this strategy is transparent and level-headed. Because a website’s fortunes can change dramatically depending on the traffic it receives from search engine results, collateral damage to websites that are mistakenly or negligently targeted would be unfortunate indeed.

Happily, the idea so far is not to irrevocably block traffic to a searcher’s intended destination, but to provide a warning en-route. If someone wishes to continue to the website, even after reading the warning, it is fully possible. I hope the policy remains that way and abstains from taking up a censorship position.

Another way to avoid spyware

There is another way to use search engine results to help you vet software before you download it, and I will provide a detailed how-to in an upcoming post. I think you will find it quite useful.

Your computer is hopelessly lost to adware and spyware and viruses. I know because I’ve seen computers like yours. If you upgraded to Firefox as I suggested in the last post, you’re headed in the right direction, but there is more to be done.

Now you need to download two programs (free, of course) that will kill anything that manages to get by your defences.

Spybot Search and Destroy

This extremely well maintained and frequently updated program eliminates all the most common spyware, adware and tracking cookies that infect all computers from time to time. Basically, Spybot will catch whatever your antivirus program misses.

Adaware

Because one anti-spyware program is not quite enough, Adaware will catch anything that Spybot Search and Destroy might miss and vice versa. Both programs are excellent and rarely miss the chance to extinguish the life of spyware, but even the best program will miss something now and again.

Now that you’ve got both of these programs on your computer, you just need to remember to update them often and run them even more often.

Let me make this very clear: you need to be an active participant in keeping your computer clean by running these programs at least once a week and more often if you’ve been infected with a load of spyware recently. They will not actively monitor your computer to catch the bad guys while you sleep.

In upcoming posts, I will recommend free antivirus and firewall programs so that you can finish building an impenetrable fortress around your electronic assets.

Why bother keeping your computer free of spyware and adware? Almost everyone has some type of malware on their computer and I’ll wager that your identity has never been stolen as a result of having it.

On top of that, spyware often helps companies know what you like so that they can market to you better. So it may seem like no big deal, but there are some good reasons why you should take it seriously. Here’s why:

1. Spyware and adware can actually cost you a lot of money. When your computer finally runs out of memory and grinds to a halt because all of its resources are being hungrily consumed by malware, you’ll have to take it to a computer shop to get it fixed, which could cost upwards of $100, or fix it yourself (maybe $50-$200 according to the value of your own time). Either way, you’ll definitely miss the use of your computer for a day or three.

2. You’ll feel safer shopping on the internet knowing that there isn’t a key logger taking down your passwords and credit card numbers, then sending them to www.yourescrewednow.com.

3. You should be keenly aware of how you are trading your privacy in return for “free things”. This is precisely what’s happening when you are surfing the web and decide to download what looks like a free piece of software, but is actually laden with spyware or adware (often, this kind of software comes in the form of screensavers, gambling software, or video games). The company that created that software is making a profit by collecting and selling data about you, about how you use their program, and information about your computer in general.

Your information is very valuable to marketing companies, and you should treat it as such. If you’re going to sell it to them, know how much it’s worth, and get a fair price. For me, the tradeoff is not worth it when the free thing I’m getting is a SpongeBob SquarePants screensaver and the company that created it gets to advertise at me with pop-ups for the rest of my life. You can choose how important your information is to you, and act accordingly.