More than 12,300 websites in the business category were used to launch cyberattacks or deliver malware in 2017, making company sites riskier than gambling and shopping sites. Attackers are abusing people’s trust in popular sites to launch consistent and effective malware campaigns.
Forty-two percent of the top 100,000 websites ranked by Alexa are considered “risky,” according to Menlo Security’s State of the Web 2017. A site was deemed risky if it met any one of these three criteria: use of vulnerable software, history of distributing malware or launching attacks, and the occurrence of a security breach within the 12 previous months.
The largest category of risk was news and media sites, 49% of which met a risk factor, followed by entertainment and arts (45%), travel (41%), personal sites and blogs (40%), society (39%), and business and economy (39%), which includes company, association, industry group, financial data and serivces, and hosted business application sites. Business and economy sites hosted more phishing sites, ran more vulnerable software, and experienced more security incidents than any other category in 2017, researchers found. The category was hit with 23,819 incidents in 2017.
Read more about the disconcerting findings of Menlo Security’s State of the Web 2017 on DarkReading.