The "Websense 2010 Threat Report," has mostly bad
news for users — the number
of malicious Websites increased 111.4 percent between 2009 and 2010. Nearly 80
percent of all malicious sites are compromised legitimate Websites
Search engine optimization by attackers has not helped the situation.
According to Websense, Web users searching for breaking news have a 22.4
percent chance of being lured to a malicious site — more than those searching for
adult content, who have a 21.8 percent chance.
"The earthquakes in Haiti and Chile, Corey Haim’s death, and the World
Cup of Soccer were just a few examples of cleverly manipulated search engine
results steering people to bogus links that rated higher than legitimate
results," according
to the report. "Similar to what we found in 2009, the botnets behind
these campaigns are being repurposed once the illegitimate campaign has been
removed from the search engine results.
"Many of the 2010 SEO attacks were blended in nature, with a second
component consisting of Rogue [Antivirus]," the report continues. "Both
approaches used bogus AV campaigns offering free health scans that identified
fake infections. Upon notification of a fake virus, users were prompted to
download a free ‘antivirus’ software where a second scan asked them for their
credit card information to remove the fake malware."
According to the report, the United States
was the No. 1 country hosting crimeware and phishing sites in 2010.
For more, read the eWeek article Malicious Websites Jump Dramatically in 2010.