Social media is one of the main channels used by online bad guys to deliver malware to victims' computers, according to Symantec's latest Internet Security Threat Report, which also warned that more malware was being delivered to mobile devices (of course there's a great deal of potential for overlap between these two areas).
In 2010 Symantec identified over 286 million varieties of malware, which carried out a total 3.1 billion attacks on computers around the world, with the number of attacks conducted over the Web increasing 93% from 2009. Facebook is obviously one of the main targets, and Symantec illustrated the chinks in Facebook's security armor with an app (created using Facebook APIs) that lets hackers see personal information on profiles which are supposed to be closed to the general public.
On average, privacy breaches resulting from malware hacks resulted in 260,000 online identities being compromised, Symantec said -- far more than result from other causes of privacy breaches, for example slipshod privacy management by social networks themselves.
Symantec also drew particular attention to the growing popularity of shortened URLs, which dominate sites like Twitter, as a risk factor in malware attacks, since people click on them without necessarily knowing where they lead. According to Symantec, shortened URLs made up fully 65% of the malicious URLs observed on social networks during a special three-month investigation.
Also contributing to the surge in malware is the increasing popularity of smartphones, especially those carrying the Android operating system. While there's relatively little potential profit in smartphone attacks currently, it could become a lucrative area for malicious hacking as consumers begin doing more banking and purchases over their phones.