Cisco: Mainstream Web Sites Are More Risky than Porn Sites

Published

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Cisco recently published its 2013 Annual Security Report [PDF file], which states that the highest concentration of online security threats target legitimate Web sites rather than pornography, pharmeutical or gambling sites — online shopping sites are 21 times more likely to deliver malware than counterfeit software sites, and online advertisements are 182 times more likely to deliver malware than pornography.

“Cisco’s analysis indicates that the vast majority of Web malware encounters actually occur via legitimate browsing of mainstream websites,” the report states. “In other words, the majority of encounters happen in the places that online users visit the most — and think are safe.”

“Compromised websites hosting malicious Java and iFrame attacks and other malware far and away outpaces all other delivery vectors for malware, Cisco’s report said. … Infecting benign sites with malware remains at the heart of malware propagation as attackers continue to find great success delivering malware over infected banner ads on Websites, malicious media files or redirects via iFrame,” writes Threatpost’s Michael Mimoso.

“Not surprisingly, Cisco attributed the shift of malware toward mainstream sites and banner ads as an attempt by cybercriminals to target the pockets of the web that attract the largest and most active audiences,” writes Network World’s Colin Neagle.

Jeff Goldman Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

This field is required This field is required

Get the free Cybersecurity newsletter

Strengthen your organization’s IT security defenses with the latest news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

This field is required This field is required