Businesses are increasingly under attack by cyber-criminals who seek to exploit employees connecting to corporate networks via mobile devices and their rising use of social media.
According to SonicWALL, Inc.'s mid-year cyber-threat intelligence bulletin, growth in Android-based malware and social media scams, such as click-jacking on Facebook and malicious links sent over Twitter, are creating new and heightened levels of business vulnerability from data intrusion, theft and loss.
Productivity and profitability are also compromised due to network and application downtime.
"Cyber-criminals are focusing their attention on penetrating corporate networks and data through mobile workflow and applications," says Boris Yanovsky, SonicWALL vice president of software engineering.
Yanovsky adds that employees innocently surfing dating sites via a mobile device or PC, that are in fact fake sites, or clicking on offers on Facebook such as a free McDonald's meal that are click jacking scams, can have a catastrophic impact on data security, business continuity and profitability."
The report highlights that bobile-based threats have risen significantly over the last six months.
While these threats are not as widespread as computer-based threats, cyber-criminals have found workarounds to attack mobile phones on any platform.
With the growth of the Android Market, there has been an increase in rogue applications affecting thousands of users, says the report.
As social media has become part of the fabric of social and work-life, constant access to sites by employees from the corporate network is creating new levels of vulnerability.
The U.S., Canada and Taiwan are the most heavily hit countries for worldwide threat-related traffic. A snapshot of the top 10 most heavily hit countries may be viewed here.
Top malware threats in the first half of 2011 were fake anti-virus malware, including a new variant consisting of fake desktop utilities.
Most dangerous threats over the last six months include advanced persistent threats that come in through clicked links, lie hidden for an indefinite period of time and become active at a predefined time.
MORE ARTICLES ON SECURITY