More than four out of five web users click on images of adverts from trusted brands such as banks and social networks, without a second thought about malware or spyware, says Symantec.
According to research conducted by YouGov for the security firm, 45 percent of web users claim never to open spam, but 21 percent will happily click on links to social networks such as Facebook without checking to see if its a hoax first.
Furthermore 16 percent of web users said they wouldn't check if a link or image for a music store was genuine before clicking on it, while 5 percent said they do the same when it comes to banks.
"Cybercriminals are always on the lookout for new ways to make money. A current and successful tactic is by exploiting the public's trust and familiarity in a particular brand or piece of celebrity news and using this trust to gain access to their computer," said Orla Cox, security response manager for Symantec.
Cox said that often cybercriminals use imagery in spam emails, or in advertisements that looks genuine but either automatically loads malware simply when a person visits that web page, or downloads malware should you click on them.
"This malware is designed to obtain access to personal information, with the object of selling on or using that information, for example for identity theft purposes such as opening credit cards in stolen names."
Cox also said that online scams involving images of celebrities, particularly ones that are hitting the news, were popular with cybercriminals.