Home / News

Study Finds 75% of Malicious Websites from Legitimate, Trusted Sources

  • Jul 29, 2008 10:56 AM PST
  • Comments: 1
  • Views: 14,293
Print Comment
By CircleID Reporter

New report released today finds 75 percent of malicious websites are from legitimate, trusted sources with "Good" reputation scores. According to the report, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

The stats released today are by researchers from the Internet security company, Websense, which scans more than 40 million websites for malicious code and ten million emails for unwanted content and malicious code.

"Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate websites that have a built in base of visitors," said Dan Hubbard, chief technology officer, Websense. "There is an element of trust in the Web 2.0 world that the websites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of websites to launch attacks. Most web security and URL filtering technology today heavily rely on a websites' reputation, but this method is outdated. In terms of security, the URL doesn't matter anymore — it's all about the dynamic content that is served up on the page. To safely use the Internet today, organizations need Web security protection that can analyze the content on the Web page in real-time."

Other key findings include:

• 29 percent of malicious web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

• The convergence of blended Web and email threats continues to increase. Now more than 76.5 percent of all emails in circulation in the past six months contained links to spam sites and/or malicious websites. This represents an 18 percent increase since December 2007.

• More than 45 percent of the top 100 most popular websites support user-generated content.

The following video is provided by Websense where security labs manager discusses report highlights:

To download Websense report State of Internet Security (Q1-Q2, 2008) click here [PDF].

Related topics: Security, Web

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print Comment

Comments

It's not that surprising. Most Michele Neylon  –  Jul 29, 2008 10:28 AM PST

It's not that surprising. Most of the phishing attacks we see on our network would be via compromised websites. The number of actual pure phishing sites is minimal

# 1 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

Phish or Fair?

  • Feb 07, 2012
  • Comments: 4

The FBI and Scotland Yard vs. Anonymous: Security Lessons

  • Feb 06, 2012
  • Comments: 0

World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago

  • Feb 02, 2012
  • Comments: 2

Holding Google to a Higher Standard in Search

  • Jan 31, 2012
  • Comments: 0

Understanding and Detecting Mobile Malware Threats

  • Jan 16, 2012
  • Comments: 0
View More

Related News

Study Indicates Nearly Half A Million Jobs Created from "App Economy" in US

  • Feb 08, 2012
  • Comments: 0

Mobile Internet Usage at 8.5%, Doubled From Last Year

  • Feb 06, 2012
  • Comments: 0

DNSChanger Trojan Still Running on Half of Fortune 500s, US Govt

  • Feb 02, 2012
  • Comments: 0

Prof. Dave Farber on Where the Internet is Headed

  • Jan 31, 2012
  • Comments: 0

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

  • Jan 31, 2012
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNSSECRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

MarkMonitor to Exhibit at Internet Tech Policy Exhibition and Reception to be Held on Capitol Hill

Verisign to Award New Infrastructure Research Grants

Nixu SNS 2.5 Series Gives Fresh Views on DNS

DeviceAtlas 3.2 Released

cPanel Partners With dotMobi to Launch Enhanced Version of goMobi Mobile Web Solution

Neustar Names Joe Pasqua to Head Neustar Labs

Research Reveals Commercial Potential of the New Top-Level Domain Program

Q3 2011 Fraud Intelligence Report

The Spookiest DDoS Attacks in History

Protecting Your Business from DDoS Attacks: Advice from Neustar

Afilias Launches International Contest to Explore Innovative Uses of New Top-Level Domains

All Those Cities, Listen Up! NewDomains.org in Munich

The PIR Partners With the Digital Empowerment Foundation to Bring More India-Based NGOs Online

  • By PIR
  • Views: 1,233

A Different Kettle of Phish

Introduction to Nixu Software: End-to-End Software-Based DNS, DHCP, IPAM Solutions for Your Network

MarkMonitor Fraud Intelligence Report Released for Q2 2011

Award-Winning Mobile Website Builder goMobi Now Available
 Via Parallels Platform

Why Your .COM Should Be a .ORG, Too

  • By PIR
  • Views: 2,753

President Obama Names Neustar President and CEO Lisa Hook to NSTAC

.CO Bursts through 1 Million Domain Milestone

View More

Hot Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Neustar UltraDNS

DNS

Sponsored by
Neustar UltraDNS
dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
View More