Today the Commtouch Security Lab (CSL) published its Security Number of the Month for November: Within the last 30 days, the CSL detected 343,927 new malicious websites.
The average of nearly 11,500 new threats every day increases the digital foothold of cybercriminals as well as the likelihood that victims will stray into dangerous territory. The malware endangers businesses and end users with a wide range of threats, including password and identity theft, use of hacked PCs as bots for spam, denial of service attacks, and a growing favorite of cybercriminals – encrypting and then ransoming critical data.
The number, based on Commtouch’s GlobalView Cloud data, is composed of:
- Malware sites – 173,314
- Spam sites – 56,503
- Phishing sites – 114,110
In many cases the sites hosting malware or phishing are compromised legitimate sites with an unnoticed malicious page injected into the site by hackers.
Malware sites typically rely on exploit kits that seek out known vulnerabilities in the browser, operating system, or PDF reader software, among others, and then use these vulnerabilities to gain control of the visiting computer or smartphone. The majority of phishing sites targeted PayPal users, but an increasing number aimed for the Google credentials of users – since these credentials open up an increasing range of linked Google services.
Each month, the research team at Commtouch presents the “Commtouch Security Number of the Month†– a number representing and illustrating a current issue or trend in Internet security.