Graham Cluley

Cybercriminals are relentlessly attacking Twitter. Over the past few days, Twitter has noticed an increase in phishing attempts and is working feverishly to reset passwords for affected accounts. British politicians are the latest to fall victim to the scams.

Twitter users who have received a direct message or see tweets with phrases like "This you???" or "LOL is this you" followed by a link are warned not to click through because the destination is a crafty phishing site designed to steal personal information.

Facebook and Twitter users are under attack by cybercriminals -- and the incidents are rising, Sophos says in its its 2010 Security Threat Report released Monday. In the past 12 months, Sophos says, cybercriminals have focused more attacks on social-network users. Spam and malware are leading the charge.

Fifty-seven percent of users surveyed reported getting spammed via social-networking sites -- an increase of 70.6 percent from 2008. And 36 percent say they have been sent malware via social-networking sites, a 69.8 percent increase.

Just two weeks after Apple iPhone users in Australia reported jailbroken iPhones came under siege by attackers, a new version of the iPhone worm is posing a threat. Symantec reports the new worm targets jailbroken iPhones running SSH that are still using the default password. The worm can reportedly steal data stored on the iPhone as well as connect back to the attacker, giving them control of the phone.

British police have made the first European arrests connected to the spread of a data-thieving virus thought to have infected tens of thousands of computers worldwide, Scotland Yard said Wednesday.

The electronic crimes unit of London's police force said a man and a woman, both 20, were arrested in the English city of Manchester on Nov. 3 on suspicion of helping infect computers with programs sometimes known as "Zbot" or "ZeuS."

One expert described the viruses as the "most notorious pieces of malware of recent times."

Apple iPhone owners Down Under are reporting their jailbroken iPhones have been hit with a worm that hijacks their wallpaper, changing it to an image of 1980s pop star Rick Astley, and eats up their bandwidth. Although the worm may have spread beyond Australia, there are no confirmed reports yet.

The hacker, who calls himself ikex, claims to have infected 100 iPhones with the malware. The true identity of ikex is 21-year-old Ashley Towns, who shows no public remorse about the hack.

With recent celebrity deaths, spammers are shifting strategies in hopes of cashing in on the misfortunes of others. Although several celebrities have passed away in the last few weeks, pop star Michael Jackson's death is driving the greatest spam volume.

Less than eight hours after Jackson's untimely death, Sophos began to intercept spam campaigns using the singer's name. Sophos also discovered cybercriminals taking advantage of 1970s TV icon Farrah Fawcett's death to spread fake antivirus software.

Mass Mailing Worms

Computer security firms are warning users to be vigilant about spam messages capitalizing the sudden death of U.S. pop star Michael Jackson.

The 50-year-old "King of Pop" was pronounced dead on Thursday afternoon at the Medical Center of the University of California in Los Angeles, after he was in a full cardiac arrest.

Security firm Sophos on Friday reported that about eight hours after Jackson's death, its experts witnessed the first wave of spam messages taking advantage of the breaking news in the subject line and body of the email.

Apple has issued patches for its QuickTime and iTunes software. The patches fix critical vulnerabilities and a bug that was partially revealed in a book, The Mac Hacker's Handbook, by Charlie Miller and Dino Dai Zovi, released in March.

In all, the updates fix 10 QuickTime vulnerabilities and one bug in iTunes. The flaws affect Windows and Mac users alike. The patches came bundled in the QuickTime 7.6.2 and iTunes 8.2 releases Apple published on Monday.

April Fool's Day is just around the corner. Will malware make a fool of millions of computer users, or is the release date of the next version of the menacing Conficker worm just a red herring? And if so, what is really in store for computer security this spring?

April 1 brings on the age-old tradition of jokes and pranks. But this year, April 1 will be more than just April Fools' Day.

The first day of April 2009 is when security analysts around the world will watch to see what happens to thousands of computers because of the Conficker worm, a family of malware that is now widespread and affecting 10 million computers.

Conficker, also known as Downadup, is spread in three ways, including via exploit, weak passwords, and the use of autorun.inf files which are copied to USB drives.

Cat and Mouse