Botnets have become a nexus of criminal activity on the Internet, according to Cisco. This year, numerous legitimate Web sites were infected with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites, the company says.

The use of social engineering to entice victims to open a file or click links continues to grow. Cisco expects that in 2009, social engineering techniques will increase in number, vectors and sophistication.

And targeted phishing -- spear-phishing -- is also expected to become more prevalent as attackers personalize spam and make messages appear more credible, Cisco says.

Some 2009 trends to look for, according to Cisco are:

* Insider threats -- The global economic downturn may prompt more security incidents involving employees.