Continued exploitation of the financial crisis to scam users with fake financial transactions services, fake investment firms, and fake legal services is the top trend to emerge for 2009 according threat predictions by McAfee. “Computer users face a dangerous one-two punch today,” said Jeff Green, senior vice president of McAfee Avert Labs, McAfee’s research group. “The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike.”

McAfee threat predictions for 2009 include:

Threats Hide in the Cloud – Miscreants have also transitioned to the Internet “cloud” as their main delivery vehicle and take advantage of the attractions of Web 2.0. It is expected that this trend will continue throughout 2009, eventually displacing more traditional vectors of malware distribution.

Personalized Threats Speak Your Language – Threats will continue to take evasive action against security measures. One example is the existence of single-use binary files, which are an attacker’s equivalent of a single-use credit card number used by consumers when shopping online. These binaries help to create a vast sea of threats, which will make it harder for victims to describe their assailants, and make it harder for defenders to catch them. Additionally, continued expansion of malware in languages other than English are expected. Cybercriminals have come to realize that by diversifying into a global market they can access even larger pools of valuable identity and confidential information.

Malware Targets Consumer Devices – Increased attacks involving USB sticks and flash-memory devices used in cameras, picture frames, and other consumer electronics. This trend will continue due to the almost unregulated use of flash storage across enterprise environments as well as their popularity among consumers.

The Rogue Web and Malvertising – Last year the malware underground used mainstream practices in an effort to “sell” software that was either misleading or outright fraudulent. This trend is expected to continue as cybercriminals still see a lucrative market in this area.

McColo: The Effects of a Takedown – Spam traffic took a tremendous dive in volume when ISPs pulled the plug on spam host McColo Corp., the source of up to 60 percent of worldwide spam. In 2009, we will see a continued shift in organizations, from passive support of law enforcement to an active role of working collaboratively with ISPs and global Internet entities such as ICANN. Together, these organizations will shine the public light on these malicious actors and shut down their access to network and systems infrastructure.

The McAfee 2009 Threat Predictions report is available here (PDF).