Think you're safe when surfing the web as long as you don't navigate to pornographic sites, or those featuring share tips and games? Well, think again. We outline seven reasons why legitimate sites are becoming more dangerous.
You may think you're safe when surfing the internet (as long as you don't navigate to pornographic sites, or those featuring share tips and games).
Well, you're wrong. Security firm Sophos said among the findings in of its threat report for the first six months of this year, was that 23,500 new infected web pages - one every 3.6 seconds - were detected each day during that period.
That's four times worse than the same period last year, said Richard Wang, from Sophos. Many such infections were found on legitimate websites.
Heres Wang's seven primary reasons why legitimate sites are becoming more dangerous.
1. Polluted ads
Many legitimate sites rely on paid advertisements to pay the bills. But Wang said recent infection statistics gathered by his lab show that they are often hiding malware, without the knowledge of the website owner or the user.
"A lot of sites supported by advertisers, rather than contracting directly with the advertiser, work through ad agencies and network affiliates," Wang said.
"Some of these affiliates are less than diligent in reviewing content for flaws and infections."
Ads that incorporate Flash animation and other rich media are often rife with security holes attackers can exploit. When the user clicks on the ad, the browser can be (and often is) redirected to sites that download malware in the background while the user is reading the legitimate site.
Someone in the ad-providing supply chain can be the culprit, though tracing a compromise back to them can be exceedingly difficult, Wang said.
Whatever the case may be, a downloaded Trojan is then free to gather up usernames, passwords and other sensitive banking data.
2. SQL injection attacks
SQL injection attacks are among the most popular of tactics and have been used in several high-profile incidents in the last couple of years.
SQL injection is a technique that exploits a flaw in the coding of a web application or page that uses input forms.
A hacker might, for example, input SQL code into a field that is intended to collect email addresses. If the application doesn't include a security requirement to validate that the input is of the correct form, the server may execute the SQL command, allowing the hacker to gain control of the server.
"The hacker essentially takes advantage of flaws related to shoddy site development," Wang said.
NEXT PAGE: User-provided content
- How legitimate websites can cause you harm
- User-provided content