Internet users only 2 clicks away from malicious content

MUMBAI,INDIA: The new Websense Insight report released on Friday not only justifies the experts argument that Internet is like a double edged sword but also goes on to say that most Internet users are two clicks away from malicious content from top sites, poisoned search results, and malicious links.

Top sites:

According to the report findings, the path to malware often starts on recreational sites, and most of the top sites are perilously close to danger. The report found that users of the top 1,000 sites are rarely more than two clicks away from malicious content. This includes:

• More than 70 percent of top news and media sites
• More than 70 percent of the top message boards and forums
• More than 50 percent of social networking sites

Poisoned search: Cybercriminals are poisoning search results with malicious links for top trends at a startling rate. For example, searches for trending news and buzz words increased from 14 percent in early 2010 to 22 percent a few months later.

Popular beats porn. Websense research shows that you have a higher chance of running into malicious content from a “breaking trends” search such as a “World Cup 2010” than you do from sexual content searches. For example, a whopping 25 percent of the results from a search for “World Cup 2014” were malicious.

Also read: New wave of Zeus malicious email messages

General search also resulted in a surprisingly high number of threats because criminals have learned to target very specific terms. For example, 30 percent of our results for baby bedding and décor in London were poisoned and 12 percent of our results for vehicle car parts in Toronto were compromised.

Malicious links: We also examined the prevalence of websites containing malicious links, as opposed to malicious content. These sites don’t deliver malware themselves — but while you are on such a “trusted” site, you are only one dangerous click away from an infected site. Many of the Internet’s top sites will lead you to malicious content through the extensive network of partner sites that they are linked to.

Websense uses link analysis to seek out risky websites that have a high probability of linking to bad content. In fact, the more objectionable a topic is, the tighter the ecosystem of links is, and the easier it is to use link analysis to find objectionable or malicious content. We recently found that 22 percent of links in sex and adult sites lead to malicious sites. More astounding is the way that high-risk sites are used to communicate and exchange information:

• 62 percent of the sites that link to games also link to something objectionable or a security risk
• 23 percent of blogs link to something objectionable or a security risk
• 23 percent of message boards link to something objectionable or a security risk
• 21 percent of freeware sites link to something objectionable or a security risk

The report finds that the Social networking sites are also vectors for malicious links. About 40 percent of every status update on Facebook has a link, and 10 percent of those links are either malicious or spam.

The findings were announced today via the first “Websense Insights” online videos. This new, innovative series provides researchers, information security professionals, and Websense customers with an up-to-date overview on breaking security research conducted by the Websense Security Labs and other security researchers around the globe.

Defensio analyzes and classifies user-generated content on Facebook with Websense Advanced Classification Engine (ACE) to prevent the posting of malicious and inappropriate content, and enhances the real-time threat intelligence of the Websense Web Security Gateway. In this way, it acts as a social media threat detector that benefits all Websense customers.

“No matter how careful you are, today’s Internet user is usually only two short clicks away from malicious content and an infected computer or network,” said Charles Renert, senior director, Security Research for Websense. “Cybercriminals are increasingly more ingenious in developing robust systems for enticing users to malicious sites. As Web and social media become more essential in the workplace, companies need information security protection technology that allows flexible Web use and keeps their content secure with real-time inspection.”

“We created the online ‘Websense Insights’ research series so that our customers can quickly learn about the latest Web findings and take action to thwart the bad guys,” said Renert. “Our deep, unprecedented knowledge of the Web helps organizations best leverage social media and the Web and do it safely. “