Most Internet users are only two clicks away from malicious content from top sites, poisoned search results, and malicious links, according to Websense.
The path to malware often starts on recreational sites, and most of the top sites are perilously close to danger. Users of the top 1,000 sites are rarely more than two clicks away from malicious content. This includes:
- More than 70 percent of top news and media sites
- More than 70 percent of the top message boards and forums
- More than 50 percent of social networking sites.
Cybercriminals are poisoning search results with malicious links for top trends at a startling rate. For example, searches for trending news and buzz words increased from 14 percent in early 2010 to 22 percent a few months later.
General search resulted in a surprisingly high number of threats because criminals have learned to target very specific terms. For example, 30 percent of our results for baby bedding and dÃ©cor in London were poisoned and 12 percent of our results for vehicle car parts in Toronto were compromised.
Websense examined the prevalence of websites containing malicious links, as opposed to malicious content. These sites don’t deliver malware themselves – but while you are on such a “trusted” site, you are only one dangerous click away from an infected site. Many of the Internet’s top sites will lead you to malicious content through the extensive network of partner sites that they are linked to.
Astounding is the way that high-risk sites are used to communicate and exchange information:
- 62 percent of the sites that link to games also link to something objectionable or a security risk
- 23 percent of blogs link to something objectionable or a security risk
- 23 percent of message boards link to something objectionable or a security risk
- 21 percent of freeware sites link to something objectionable or a security risk
- Social networking sites are also vectors for malicious links. About 40 percent of every status update on Facebook has a link, and 10 percent of those links are either malicious or spam.
“No matter how careful you are, today’s Internet user is usually only two short clicks away from malicious content and an infected computer or network,” said Charles Renert, senior director, Security Research for Websense. “Cybercriminals are increasingly more ingenious in developing robust systems for enticing users to malicious sites. As Web and social media become more essential in the workplace, companies need information security protection technology that allows flexible Web use and keeps their content secure with real-time inspection.”