Extra Feeds & Services »

Home / News

Study Finds 75% of Malicious Websites from Legitimate, Trusted Sources

  • Jul 29, 2008 10:56 AM PDT
  • Comments: 1
  • Views: 6,712
Print Comment
By CircleID Reporter

New report released today finds 75 percent of malicious websites are from legitimate, trusted sources with "Good" reputation scores. According to the report, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

The stats released today are by researchers from the Internet security company, Websense, which scans more than 40 million websites for malicious code and ten million emails for unwanted content and malicious code.

"Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate websites that have a built in base of visitors," said Dan Hubbard, chief technology officer, Websense. "There is an element of trust in the Web 2.0 world that the websites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of websites to launch attacks. Most web security and URL filtering technology today heavily rely on a websites' reputation, but this method is outdated. In terms of security, the URL doesn't matter anymore—it's all about the dynamic content that is served up on the page. To safely use the Internet today, organizations need Web security protection that can analyze the content on the Web page in real-time."

Other key findings include:

• 29 percent of malicious web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

• The convergence of blended Web and email threats continues to increase. Now more than 76.5 percent of all emails in circulation in the past six months contained links to spam sites and/or malicious websites. This represents an 18 percent increase since December 2007.

• More than 45 percent of the top 100 most popular websites support user-generated content.

The following video is provided by Websense where security labs manager discusses report highlights:

To download Websense report State of Internet Security (Q1-Q2, 2008) click here [PDF].

Related topics: Security, Web

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

It's not that surprising. Most Michele Neylon  –  Jul 29, 2008 11:28 AM PDT

It's not that surprising. Most of the phishing attacks we see on our network would be via compromised websites. The number of actual pure phishing sites is minimal

# 1 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

The Browser Is the OS (Thanks to Firefox 3.5, Chrome 2, Safari 4)

  • Jul 01, 2009
  • Comments: 2

The Proxy Fight for Iranian Democracy

  • Jun 22, 2009
  • Comments: 2

No Honor Among Thieves on the Internet

  • Jun 18, 2009
  • Comments: 0

Why Not an Interim Step Until DNSSEC is Ready?

  • Jun 18, 2009
  • Comments: 19

ICANN 35: What's Going Down, Down Under (Want the Low Down?)

  • Jun 17, 2009
  • Comments: 0
View More

Related News

US Teaming Up With Italy to Combat Cybercrime

  • Jun 30, 2009
  • Comments: 0

Trojans Fastest Growing Category of Data-Stealing Malware

  • Jun 30, 2009
  • Comments: 0

US Continues to Lead As Top Country Hosting Phishing Attacks

  • Jun 29, 2009
  • Comments: 0

Gary Warner: We Are Well Past Time to Declare a Spam Crisis in China

  • Jun 29, 2009
  • Comments: 4

SPECIAL: Updates from the ICANN Meetings in Sydney

  • Jun 26, 2009
  • Comments: 0
View More

Industry Updates – Sponsored Posts

Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands

NeuStar Addresses DNS Vulnerability with Cache Defender, a Secure DNS Authentication System

A Seemingly Overwhelming Number of Important Documents Released by ICANN

.ORG First Open Top-Level Domain to be Signed with DNSSEC

  • By PIR
  • Views: 871

DNSSEC Industry Coalition Symposium is Announced

  • By PIR
  • Views: 921

dotMobi Names AutoTrader.mobi as Millionth Site Tested by Acclaimed mobiReady Tool

SPIL GAMES Chooses MarkMonitor for Global Domain Management

Mobile Banking Benchmarks Now Available

Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware

Benchmarks that Measure Five Critical Dimensions of Success for Mobile Websites

MarkMonitor AntiFraud Solutions, Combining Proven Antiphishing and Expert Antimalware Capabilities

New Study of Mobile Web Trends Demonstrates Strong Growth of Mobile Content Availability

Identify Infringing Domains to Optimize Online Search Marketing Spend

Consider Planning Now for Internationalized Top-Level Domains

DNSstuff.com Offers Trusteer Rapport Product to Help Users Boost Their Defenses Against Online Fraud

MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities

DNSSEC Industry Coalition Meets with Vint Cerf and Dan Kaminsky

  • By PIR
  • Views: 858

COCC Partners with MarkMonitor for Anti-Phishing Services

ICANN Mexico City Meeting Brings a Significant Shift in Direction for Brand Rights Holder Issues

MarkMonitor Year-in-Review Report Finds Online Abuse of Major Brands Was a Growth Industry for Fraud

View More