Social media sites allowing user-generated content are a main target for cybercriminals and spammers, according to a new report by Websense about the state of Internet security in Q3 and Q4 of 2009.

Firefox Add-Ons Caught With Malware

The report found that 95 percent of user generated comments to blogs, chat rooms and message boards are spam or malicious.

Websense identified 13.7 percent of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware. Search engine optimization poisoning attacks target the top searches allowing hackers to drive traffic to their sites.

Overall, comparing the second half of 2009 with the same period in 2008, there has been an average growth of 225 percent in malicious websites. Malware authors continue to capitalize on website reputation and exploiting user trust with the second half of 2009 revealing 71 percent of websites with malicious code are legitimate sites that have been compromised.

“Malicious hackers are really focusing their efforts to ensure they’re driving their victims straight to them, said Dan Hubbard, Chief Technology Officer, Websense.

“By poisoning search results and focusing on Web 2.0 sites, their efforts are often more efficient and effective. The blended nature of today’s threats combined with compromised legitimate sites, takes full advantage of an increased perception of trust when using search engines and interacting with friends or acquaintances online.”

Other highlights from the report include:

–Websense Security Labs found that 35 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

–Websense Security Labs found that 35 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data

–Websense Security Labs identified that 85.8 percent of all emails were spam.