1. Web 2.0 attacks will increase in sophistication

In the coming year, Websense Security Labs predicts a greater volume of spam and attacks on the social Web and real-time search engines such as Topsy.com, Google and Bing.com. Spammers and hackers use of Web 2.0 sites have been successful because of the high level of trust users place in the platforms and the other users. The security firm anticipates this trend to continue in 2010.

2. Botnet gangs to fight turf wars

In the past year, Websense Security Labs noted an increase in botnet groups following each other and using similar spam/Web campaigns tactics such as fake DHL and USPS notifications and other copy-cat behavior. We expect this to continue in 2010. In addition, we anticipate more aggressive behavior between different botnet groups including bots with the ability to detect and actively uninstall competitor bots.

3. Email to become top vector for malicious attacks

In 2010, email used as a vector for spreading malicious attacks will evolve in sophistication. During 2009, Websense Security Labs saw a huge uptake in emails being used to spread files and deliver Trojans as email attachments, after being nearly non-existent for several years.

4. Targeted attacks on Microsoft properties

With the expected fast adoption of Windows 7, we will see more malicious attacks targeting the new operating system with specific tricks to bypass User Access Control warnings, and greater exploitation of Internet Explorer 8. The User Access Control in Vista was originally implemented to prevent malware from making permanent changes to the system such as startup files.

5. Don't trust your Search results

A malicious SEO poisoning attack, also known as a Blackhat SEO attack, occurs when hackers compromise search engine results to make their links appear higher than legitimate results. As a user searches for related terms, the infected links appear near the top of the search results, generating a greater number of clicks to malicious Web sites. In the last year, attackers have used this technique to poison search results on everything from MTV VMA awards and Google Wave invites, to iPhone SMS features and Labor Day sales.

6. Smartphones: Hackers' next playground

At the end of 2009 Websense Security Labs documented four iPhone exploits in a span of a few weeks -- representing the first major attacks on the iPhone platform and the first iPhone data-stealing malware with bot functionality. Smartphones such as the iPhone and Android, which are used increasingly for business purposes, are essentially miniature personal computers and in 2010 will face the same types of attacks that target traditional computing.

7. Malvertising gains

In a high-profile incident in 2009, visitors to the New York Times Web site saw a pop-up box warning them of a virus that directed them to an offer for antivirus software, which was actually rogue AV. This attack was served up through an advertisement purchased by someone posing as a national advertiser.

The successful attack was a worthwhile investment for the criminals and so in 2010 more malicious ads will be legitimately purchased by the bad guys.

8. Macs no longer immune to exploits