Commtouch’s labs have seen a significant increase in the number of websites infected with malware. There are currently 34% more malicious sites listed in Commtouch’s GlobalView URL filtering database than there were when we reported Web security statistics as part of our April Quarterly Threats Trend Report.
A recent example: This LinkedIn invitation email led to a site with a Blackhole exploit kit.
The number of phishing sites detected has also increased, but only marginally (3.6%) over the same period. Phishing attacks aim at the usual targets such as PayPal. The attack below is hidden inside a legitimate site.
Entering login details on the well-crafted landing page leads to a further “enter your information†page that wants ALL your data: date of birth, social security number, phone and address, credit card details, and ATM PIN (!).
Finally the phishing site confirms that you have entered all required data before forwarding you to a genuine PayPal login screen.
