Security not just about user education

Education is not a viable solution for preventing security issues, according to Patrik Runald, F-Secure's senior security specialist.

Runald said systems are often compromised in spite of the user practising safe computing. "Even if the user is doing all the right things - making sure the page is encrypted, not opening attachments, for example - they [still] get infected. Education can only go so far," he noted.

Runald said the rising occurrence of "drive-by" downloads is "most worrying", referring to the situation whereby a Trojan, embedded in a website, surreptitiously downloads itself onto a user's system when the page is visited.

He said: "It doesn't have to be a dodgy site. It could be anywhere. You visit the site - bang - you get hit."

A Trojan could be sitting undetected in a user's system until it gets activated, for example when a user logs into a banking website.