ChannelWeb came out with a list of the 10 most dangerous legitimate websites to date. Part 1 of this list was addressed last month.  This month we treat you to sites 6-10:

6.       Image Hosting Sites

Image hosting sites such as DropBox and Image Shack are growing in popularity among hackers as a means of spreading Malware.  Typically, a hacker will use an image to entice users to click on it, subsequently downloading the malicious software, in a form of social engineering.

7.       Banking and Financial Sites

It is obvious why banking and financial sites are popular targets for hackers: they are both popular and loaded with advantageous personal information. Typically such sites are attacked in one of two ways: drive-by downloads where the hacker injected malicious code into the actual webpage or the establishment of a false phishing site resembling the legitimate log-in page. Both types of attack are designed to steal lucrative personal data such as one’s username and password, social security number, credit card number, or bank account number.   

8.       Gaming Sites

Gaming sites are popular with hackers because often gamers are playing for financial prizes and are therefore obliged to enter personal information to receive the compensation.  Hackers have also been known to hijack a player’s site and threaten to delete their profile or change their score to zero if certain monetary demands are not met.

9.       Celebrity Sites

Why: because they are so very, very popular. Hackers will often link to malicious software via third-party content on these legitimate celebrity sites. People, addicted to trolling the web for celebrity info, will be prompted to click on these banners to receive even more information on Brad Pitt or Britney Spears.

10.       News and Government Sites

Once again, the popularity of such sites makes them prime targets.  Typically cybercriminals will exploit site vulnerabilities and will utilize SQL injections to attack unsuspecting users of the site with drive-by downloads.

Conclusion

When browsing the web in the future, be aware of the fact that legitimate sites are now very popular marks for cybercriminals. Surf smart: do not click on anything that appears in the least bit phishy. Also be sure to secure your network end-to-end: from gateway to endpoints.  A secure network is a safe network.

References

ChannelWeb, www.crn.com the article is entitled, “When Good Goes Bad: 10 Most Dangerous Web Sites”  

Want to learn more?

Would you like to learn more about how to secure your network against all potential Malware attacks?

Contact Bryley Systems today! Call 888.280.5799 or email Sales@Bryley.com

ChannelWeb came out with a list of the 10 most dangerous legitimate websites to date. As discussed in the previous articles of this month’s newsletter, legitimate sites are now the preferred targets of today’s hackers as they are far more lucrative than the commonly acknowledged dubious sites.

So, without further adieu, here are the 10 sites to be weary of:

1.       Facebook             

With almost 500 million users, Facebook is the ultimate target for cybercriminals. Ever since the Koobface of 2008 (an anagram for Facebook and a virus that is very much alive and thriving today), Facebook has experienced an escalation of attacks. Beware of fraudulent profiles and Facebook log-in pages as they are phishing Malware attacks.

2.       Twitter

Coming in behind Facebook in social networking popularity, Twitter is another favored target for hackers. The most common of Twitter attacks is an infected URL which will download Malware onto the unsuspecting user’s computer. And just like Facebook, Twitter has also been the victim of phishing attacks, prompting users to sign in on a counterfeit log-in page or to click a malicious link in a phony profile.  

3.       Google

As the most popular site on the Internet, Google is constantly under attack. The most popular of these assaults are search engine poisoning techniques to get malicious sites to appear at the top of the search rankings as traditionally users will trust and click on those sites listed first. Gmail is also a victim of phishing scams.

4.       URL Shortening Sites

Thanks to Twitter and its 140 character limit per Tweet URL shortening sites such as TinyURL and Bit.ly have been increasing in popularity, both with legitimate users and hackers. Not only are these sites being targeted by Malware attackers, but the shortened URLs are also a new vehicle for infection as well.

5.       YouTube

For a long time now hackers have been enticing users of YouTube to download malicious content. The most popular way to do this is to hijack an email or social networking account and to then send the infected video codec to all of the victim’s contacts, creating a sense of legitimacy.

Tune in next month for Part 2 of this list!