Many users still believe visiting shady websites is the only way to browse their way into malware. But new research shows just how wrong they are.
The folks at Blue Coat Systems report that hackers have shifted their focus from the notoriously malware-prone parts of the web to attacking the websites people visit every day.
For example, 75% of phishing attacks are carried out from trusted domains that have been compromised, Blue Coat says.
Cybercriminals are also using techniques such as infecting the advertisements on trusted sites and using search engine optimization and poisoning search results to lead users their way.
IT managers may want to warn users why there’s no such thing as a “trusted” website.