According to McAfee, cybercriminals are branching out from simple attacks on your email, moving on to attacks executed using your smartphone. “New mobile malware in 2010 increased by 46 percent compared with 2009,” states Joris Evers, a McAfee spokesperson.

Symbian and Android platforms were among the smartphone users most aggressively affected in 2010, afflicted with Trojans and bots called “SymbOS/Zitmo.A” and “Android/Geinimi.” “Consumers need to realize that mobiles, whether smartphone or tablet, are mini computers,” says David Gorodyansky, CEO of AnchorFree. “This means all the vulnerabilities of a computer exist, often with a less-protected OS.”

The good news is that spambots of the past like Bredolab, Lethic, Xarvester, and parts of the Zeus botnet have been a way less frequent threat. “Concurrently, spam accounted for 80 percent of total email traffic in Q4 2010, the lowest point since the first quarter of 2007,” shared McAfee’s Evers.

Botnet infections stayed relatively small in the fourth quarter of 2010, Rustock, Cutwail and Bobax remained at the top of the bot pack. Social media sites usually acted as the “outbreak monkey” for most major infections. “Whether we are using smartphones or computers, social engineering attacks are still the primary attack vector, and a major vector in the spread of botnet infections,” said Karen McDowell, PhD, GCIH, an information security analyst at the University of Virginia.

As for what smartphone and tablet users can do now, McAfee suggests staying on high alert for Zeus-Murofet, Conficker, and Koobface botnets specifically, and steering clear of phishing URLs from the IRS, gift cards, rewards accounts, and social networking accounts as a whole.

Phishing vectors can spread bot diseases when you unknowingly click on phishing emails, answer phishing phone calls, or click on text messages that look like they are coming from your smartphone carrier, McDowell explained, the best way to avoid this is the same caution we’ve been taught all along. “Never give information via email, smartphone or on the Web, and verify independently before you click on any unknown text or email message, game, application or security update.”

All twenty million new pieces of malware that was floating around the internet in 2010 is now making it’s way to your smartphones because “cybercriminals are keeping tabs on what’s popular and what will have the biggest impact from the smallest effort,” said Vincent Weafer, senior vice president of McAfee Labs. Another way to steer clear of malware is be vigilant during web searches. Out of the top 100 search results, 51 percent went straight to infected sites, not to mention the abundance of weaknesses discovered by developers in Flash and PDFs  in 2010.

“It really doesn’t matter what type of device is used — the steps to secure a Web application haven’t changed, you can never trust input: always authenticate, validate and sanitize input data,” says Sam Shelby, e-government coordinator for the City of Columbia, Missouri.