Study: Religious sites pose bigger cyber threat than porn sites

Holy malware! Religious sites may pose a much bigger cyber-threat to surfers than adult or pornographic sites, according to a study by Symantec, a computer security vendor. Symantec said its Internet Security Threat Report’s 2011 trends published in April showed that, “Religious and ideological sites were found to have triple the average number of threats per infected site than adult/pornographic sites." Moreover, it said "We hypothesize that this is because pornographic website owners already make money from the Internet and, as a result, have a vested interest in keeping their sites malware-free – it’s not good for repeat business.” According to tech site Mashable, the Symantec study was released only last week. In its study, Symantec noted porn sites were not even in the top five categories of websites that its study found to be most infected. By category, Symantec listed the most infected sites as:

61% of malicious sites ‘regular sites' Symantec said its study also found 61 percent of malicious sites “are actually regular Web sites that have been compromised and infected with malicious code.” The study also found drive-by attacks continue to be a challenge for consumers and businesses, accounting for hundreds of millions of attempted infections every year. It said this happens when users visit a website that is host to malware by clicking on a link in an email or a social networking site. But in some cases, it said victims may get infected even by visiting a legitimate website that has itself been infected. “Attackers keep changing their technique and they have become very sophisticated. Badly-spelled, implausible email has been replaced by techniques such as ‘clickjacking’ or ‘likejacking’ where a user visits a website to watch a tempting video and the attackers use that click to post a comment to all the user’s friends on Facebook, thereby enticing them to click on the same malicious link,” it said. Due to this, Facebook has implemented a “Clickjacking Domain Reputation System” that has eliminated the bulk of clickjacking attacks by asking a user to confirm a Like before it posts, if the domain is considered untrusted. US, China, India top sources of malicious activity Symantec said the United States, China and India remained the top sources for overall malicious activity, mainly due to their large Internet populations. It said the overall average proportion of attacks originating from the United States increased by one percentage point compared with 2010, while the same figure for China saw a decrease by approximately 10 percentage points compared with 2010. The US was the number one source of all activities, except for malicious code and spam zombies, where India took first place. Around 12.6 percent of bot activity originated in the USA as did 33.5 percent of web-based attacks, 16.7 percent of network attacks and 48.5 percent of phishing websites. — LBG, GMA News