McAfee Labs on Monday reported a surge early this year in malicious software aimed at stealing passwords at social networks such as Facebook and Twitter.
The security firm cited a "significant spike" in a "Koobface" social networking worm and a "dramatic increase" in spam in the first three months of 2013.
According to the quarterly global McAfee Threats Report, variations of Koobface, named in a play on the spelling of Facebook, in the first quarter of this year nearly tripled from the previous three-month period.
Koobface is designed to worm its way through people's social networks, using messages to trick friends into installing the code in computers which hackers can then use for more malicious purposes.
The Koobface rise came with a continued increase in the number and complexity of targeted attacks, particularly in the financial sector, crafted to steal information that criminals could turn to their advantage, McAfee reported.
"Cybercriminals have come to appreciate that sensitive personal and organizational information are the currency of their hacker economy," said McAfee Labs senior vice president Vincent Weafer.
"The resurrection of Koobface reminds us that social networks continue to present a substantial opportunity for intercepting personal information."
After stagnating for three years, the volume of spam email leapt, driven by "pump-and-dump" schemes designed to drive stock prices to artificial highs by inducing people into buying shares.