Symantec's Egan clarifies, "2010 saw a continuation of the trend over the last few years for malware to use one of the oldest tricks in the book: to 'con' its way onto a user's system. In other words, it convinces the victim to invite the attacker right in through the front door. Whether by pretending to be a legitimate application - such as rogue antivirus or a fake video codec - or by pretending to be something from an acquaintance of the victim - such as a socially engineered email - socially engineered attacks continued to be one of the easiest ways onto a user's system in 2010."

Webroot's Brandt commented, "It's no surprise that rogue AV is a big moneymaker for malware distributors, so it also should come as no surprise that said distributors have been investing in not only generating new names for their rogues, but also in making them much harder for a casual observer to identify, let alone get rid of."

These are just a handful of the big security stories from 2010. Social networking sites such as Facebook and Twitter present a target-rich environment filled with unsuspecting victims whose guard is already down since the purpose of such sites is to share information socially. As we enter 2011, these social networking threats will continue, as will new attacks aimed at mobile gadgets like smartphones and tablets.

Security vendors will most certainly develop new tools and defenses to protect against these threats. But, no amount of security software can replace a healthy dose of cautious skepticism and an ounce of common sense.