Extra Feeds & Services »

Home / News

Study Finds 75% of Malicious Websites from Legitimate, Trusted Sources

  • Jul 29, 2008 10:56 AM PDT
  • Comments: 1
  • Views: 8,466
Print Comment
By CircleID Reporter

New report released today finds 75 percent of malicious websites are from legitimate, trusted sources with "Good" reputation scores. According to the report, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

The stats released today are by researchers from the Internet security company, Websense, which scans more than 40 million websites for malicious code and ten million emails for unwanted content and malicious code.

"Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate websites that have a built in base of visitors," said Dan Hubbard, chief technology officer, Websense. "There is an element of trust in the Web 2.0 world that the websites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of websites to launch attacks. Most web security and URL filtering technology today heavily rely on a websites' reputation, but this method is outdated. In terms of security, the URL doesn't matter anymore—it's all about the dynamic content that is served up on the page. To safely use the Internet today, organizations need Web security protection that can analyze the content on the Web page in real-time."

Other key findings include:

• 29 percent of malicious web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

• The convergence of blended Web and email threats continues to increase. Now more than 76.5 percent of all emails in circulation in the past six months contained links to spam sites and/or malicious websites. This represents an 18 percent increase since December 2007.

• More than 45 percent of the top 100 most popular websites support user-generated content.

The following video is provided by Websense where security labs manager discusses report highlights:

To download Websense report State of Internet Security (Q1-Q2, 2008) click here [PDF].

Related topics: Security, Web

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

It's not that surprising. Most Michele Neylon  –  Jul 29, 2008 11:28 AM PDT

It's not that surprising. Most of the phishing attacks we see on our network would be via compromised websites. The number of actual pure phishing sites is minimal

# 1 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

Perspectives on a DNS-CERT

  • Mar 16, 2010
  • Comments: 0

Another One (Partially) Bites the Dust

  • Mar 12, 2010
  • Comments: 0

A Little Flexibility from ICANN and We Might Just Get IDNs… for Everyone

  • Mar 08, 2010
  • Comments: 5

Authorities Take Down the Mariposa Botnet

  • Mar 05, 2010
  • Comments: 0

The Internet is Interconnection

  • Mar 03, 2010
  • Comments: 0
View More

Related News

The Internet Among Nominees for Nobel Peace Prize

  • Mar 11, 2010
  • Comments: 0

Survey Says Internet Won't Make Us Stupid

  • Mar 10, 2010
  • Comments: 0

Google Beats Facebook in Popularity Because it Supports More Languages (For Now)

  • Mar 03, 2010
  • Comments: 4

German High Court Says No to Retaining Telecom, Email Data for Tracking Criminal Networks

  • Mar 02, 2010
  • Comments: 0

Comcast Announces Aggressive Plan to Deploy DNSSEC, Launches First Public Trial

  • Feb 23, 2010
  • Comments: 0
View More

Other Topics

Access Providers Broadband Censorship Cloud Computing Cyberattack Cybercrime Cybersquatting Data Center DNS DNSSEC Domain Names Domain Registries Email Enum ICANN Internet Governance Internet Protocol IP Addressing IPTV IPv6 Law Malware Mobile Multilinguism Net Neutrality P2P Policy & Regulation Privacy Regional Registries Security Spam Telecom Top-Level Domains VoIP Web White Space Whois Wireless
View More



Industry Updates – Sponsored Posts

MarkMonitor Year in Review Report: How Escalating Online Brand Abuse is Used to Monetize Web Traffic

.ORG to Fully Deploy DNSSEC in June

  • By PIR
  • Views: 434

The GLOBE Program Chooses Dyn Inc.'s Dynect Platform to Deploy DNSSEC per Federal OMB Mandate

MarkMonitor Sets New Standard in Brand Protection with Site Staydown Service

ICANN and Cybersecurity: Hot Topics at The First Ever .ORG Forum

  • By PIR
  • Views: 1,722

Neustar Implements DNS Security Extensions in the .US Registry

Paid Search Ads Can Lead to Fake Goods

Neustar Launches Initiative to Enhance DNS With Faster, More Secure Updates

Registry Stakeholder Group Comments on Latest ICANN Policies

  • By PIR
  • Views: 1,998

Open Phishing Season

dotMobi Is Now a Member of The LACTLD

Nominum Announces "DNSSEC Made Easy" Solutions

Afilias Announces Winners of the 2009 .INFO Awards

Vote for the Best .INFO Web Site Of 2009

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 2,253

Afilias' Matt Pounsett Elected Director-at-Large for DNS-OARC

SPECIAL: Updates from the ICANN Meetings in Seoul

.ORG Wins WebAward for Website Redesign and Selected as a Finalist for the NonProfit PR Awards

  • By PIR
  • Views: 2,127

Afilias Announces 2009 .INFO Award Judges Panel

SEO Poisoning: A Persistent Malware Threat Targeting High-Profile Brands

View More