Home / News

Study Finds 75% of Malicious Websites from Legitimate, Trusted Sources

New report released today finds 75 percent of malicious websites are from legitimate, trusted sources with “Good” reputation scores. According to the report, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

The stats released today are by researchers from the Internet security company, Websense, which scans more than 40 million websites for malicious code and ten million emails for unwanted content and malicious code.

“Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate websites that have a built in base of visitors,” said Dan Hubbard, chief technology officer, Websense. “There is an element of trust in the Web 2.0 world that the websites we frequent every day are safe, but attackers are taking advantage of the ‘good reputations’ of websites to launch attacks. Most web security and URL filtering technology today heavily rely on a websites’ reputation, but this method is outdated. In terms of security, the URL doesn’t matter anymore—it’s all about the dynamic content that is served up on the page. To safely use the Internet today, organizations need Web security protection that can analyze the content on the Web page in real-time.”

Other key findings include:

• 29 percent of malicious web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

• The convergence of blended Web and email threats continues to increase. Now more than 76.5 percent of all emails in circulation in the past six months contained links to spam sites and/or malicious websites. This represents an 18 percent increase since December 2007.

• More than 45 percent of the top 100 most popular websites support user-generated content.

The following video is provided by Websense where security labs manager discusses report highlights:

To download Websense report State of Internet Security (Q1-Q2, 2008) click here [PDF].

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under


It's not that surprising. Most Michele Neylon  –  Jul 29, 2008 6:28 PM

It’s not that surprising. Most of the phishing attacks we see on our network would be via compromised websites. The number of actual pure phishing sites is minimal

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC


Sponsored byVerisign

Domain Names

Sponsored byVerisign


Sponsored byDNIB.com