Which websites most likely carry malware?

What websites are most likely to get a PC infected with malware? Hint: They’re the kinds of sites most users wouldn’t think twice about visiting while at work. 

For web users, 2011 was a dangerous year, according to a recent report from Symantec. Overall malicious attacks increased 81% last year compared to the year before, including a 36% increase in the number of web-based attacks that were blocked per day.

As cybercriminals begin to rely less on email spam, the report notes, they’re more often using social networks and compromised websites to spread their attacks. Therefore, one of the keys to keep malware off of personal computers and corporate networks is staying clear of sites where malware is likely to be found.

The problem: That’s difficult to do, and there are a lot of misconceptions about what parts of the web are dangerous.

Many users assume pornography sites or those dedicated to illegal activities are most likely to be infected. However, as Symantec’s report shows, that’s not the case.

In fact, religious and ideological websites had three times as many malware infections on average than adult sites, Symantec says.

And the top categories of sites most likely to infected with malware were:

  1. Blogs and web communications
  2. Personally hosted sites
  3. Business and economy
  4. Shopping, and
  5. Education and reference

The reason is that cycbercriminals have a lot of success compromising legitimate sites to conduct drive-by attacks. When people are on sites they trust, they’re less likely to take precautions that could prevent the attacks from being successful.

Symantec recommends businesses educate users on the realities of online security threats, as well as stay diligent about keeping software patched in order to limit the number of vulnerabilities that can be exploited.