Pinterest Stumbleupon Whatsapp
Ads by Google

You get warned all the time about being on the lookout for sites that might be harboring malware – but do you know where you’re most likely to get infected with a Trojan or virus What Is The Difference Between A Worm, A Trojan & A Virus? [MakeUseOf Explains] What Is The Difference Between A Worm, A Trojan & A Virus? [MakeUseOf Explains] Some people call any type of malicious software a "computer virus," but that isn't accurate. Viruses, worms, and trojans are different types of malicious software with different behaviors. In particular, they spread themselves in very... Read More ? You might guess porn streaming sites, places to buy prescription meds, dark web pages, or Reddit, the cesspool of the Internet Why Reddit Isn't As Bad As Some People Would Make You Believe [Opinion] Why Reddit Isn't As Bad As Some People Would Make You Believe [Opinion] In recent times, Reddit has been labeled as a kind of Internet cesspool – a place where only the most vile and disgusting individuals go. Granted, this may come from a general misunderstanding of how... Read More . But you’d be wrong.

Where Is Malware Hiding?

According to Cisco’s 2015 Annual Security Report, the top industries that pose a risk to you through their websites, depending on where you live, include aviation, media and publishing, agriculture and mining, food and beverage, insurance, automotive, and real estate and land management.


Not the kinds of sites you expected, are they?

When you think about it, however, it makes perfect sense. They’re the kinds of sites that you visit all the time. Unless you suffer from a pornography addiction Pornography Addiction: The Hidden Struggle & How to Break Free [Feature] Pornography Addiction: The Hidden Struggle & How to Break Free [Feature] Anon22 discovered Internet porn when he was just 12 years old. For around 10 years, Anon22 has enjoyed pornography using his computer once or twice a day, a compulsion that he claims ruined his social... Read More , you’re probably not visiting shady porn streaming sites constantly. The same is likely true with illegal marketplaces on the Dark web, questionable movie and TV streaming sites, and torrents.


Ads by Google

When you look at the worldwide report, the industries are similar, but they also include pharmaceutical, chemical, and legal sites as well. Again, sites that get a lot of traffic.

Of course, just because these are the most dangerous sites doesn’t mean they’re the only places you can get infected. Even though they aren’t the prime vector, adult sites are definitely sources of malware 5 Ways Visiting Adult Websites Is Bad for Your Security & Privacy 5 Ways Visiting Adult Websites Is Bad for Your Security & Privacy While pornography is often discussed in the context of morality, there's a huge security-and-privacy angle that is often overlooked. If you know what to look out for, the safer you'll be. Read More ; downloading images from social networks can get you infected; search engines have been a notable vector for a while; and ads on any site can be compromised Meet Kyle And Stan, A New Malvertising Nightmare Meet Kyle And Stan, A New Malvertising Nightmare Read More . These sites are simply where malware distributors are focusing their attention at the moment.

Just How Risky are These Sites?

Cisco’s report quantifies just how dangerous these sites are by using a magnitude measurement, where 1 represents the average likelihood of exposure to malware. So visiting a site from a sector with a risk rating of 2 would make you twice as likely to be exposed to malware as the average site on the Internet.


As you can see, it’s surprisingly risky to visit some of these sites. Aviation in the US has a risk factor of 5, and media and publishing come in at 2.8. In Asia, the insurance sector has a worryingly high 6, while real estate and land management, automotive, and transportation and shipping sites are all over three times as likely to infect users with malware as other sites.

Worldwide, pharmaceutical and chemical sites show an alarming risk rating of 4.78, with media and publishing following with 3.89.

How Are Users Getting Infected?

As we’ve been saying for a long time, Flash is a big security risk Why Flash Needs to Die (And How You Can Get Rid of It) Why Flash Needs to Die (And How You Can Get Rid of It) The Internet's relationship with Flash has been rocky for a while. Once, it was a universal standard on the web. Now, it looks like it may be headed to the chopping block. What changed? Read More . Cisco’s results confirm that, and also point out that JavaScript is being used to conceal malware hidden in Flash, making it harder to find and analyze.


Attacks based on Java Disable Java on Mac OS X for a Secure System Disable Java on Mac OS X for a Secure System Macs are generally secure, but Java has been causing security problems for years. It's finally time to get rid of Java on your Mac; here's how. Read More , which held a strong lead as the most widely used attack vector, have gone down significantly, and Silverlight attacks are on the rise. PDF files continue to be used How To Spot A Dangerous Email Attachment How To Spot A Dangerous Email Attachment Emails can be dangerous. Reading the contents of an email should be safe if you have the latest security patches, but email attachments can be harmful. Look for the common warning signs. Read More to distribute malware, too, indicating that email-based phishing is still effective.

Scripts and iFrames are common methods of distribution across the world, with exploits and scams playing significant roles as well (especially in Asia, where scams are ranked first).


Another factor that’s become more significant in recent years is malvertising from browser add-ons, which are often bundled with other software. We’ve talked about the dangers of malicious browser add-ons 4 Malicious Browser Extensions That Help Hackers Target Their Victims 4 Malicious Browser Extensions That Help Hackers Target Their Victims You'd be wrong to think all browser extensions are designed to help you. Whether extensions exploit vulnerabilities or send data to hackers, it's time to be vigilant about how you enhance your browser. Read More before, and it looks like being careful about which extensions you use is becoming increasingly important. Stop downloading free software from crappy sites How To Do Your Research Before You Download Free Software How To Do Your Research Before You Download Free Software Before downloading a free program, you should be sure it's trustworthy. Determining whether a download is safe is a basic skill, but one everyone needs -- particularly on Windows. Use these tips to ensure you... Read More , and you’ll be in much better shape.

How to Stay Safe

All of this information points to one inescapable conclusion: hackers, cybercriminals, and malware distributors are smart about what they’re doing. They’re targeting the sites we visit often, they’re finding ways to better conceal malware, and they’re updating the strategies that work so they continue being effective. So you need to be one step ahead.


Fortunately, being one step ahead is really easy. In fact, we tell you how to do it all the time. Download a good anti-virus package The 10 Best Free Anti-Virus Programs The 10 Best Free Anti-Virus Programs Read More . Make sure it gets updated automatically. Update your operating system as soon as you can. Keep your browsers updated. Don’t install add-ons or apps if you don’t know exactly what they do. Review your apps and add-ons on a regular basis to make sure there’s nothing new that you didn’t put there (it really only takes a moment).

And now, you can keep these facts in mind when you’re visiting aviation, pharmaceutical, insurance, and other sites that are common targets. While there isn’t necessarily anything you should be doing differently on those sites, it’s good to know where you might be a target so you can be extra vigilant and on the lookout for anything suspicious.

Are you surprised by the types of sites that are often the source of malware? What would you have expected them to be? Do you use an antivirus package, or will you start because of this article? Share your thoughts below!

Image credits: Cisco, Security Intelligence.

  1. Rich
    March 9, 2016 at 3:27 am

    What's a good antivirus or anti-malware program for Macs?

  2. fred
    January 19, 2016 at 3:13 am

    AdBlock Plus and NoScript in Firefox :-) Works well for me. Avast gives me warnings on the worst of the pages too... I block ALL ads and am careful with NoScript regarding what Javascript I allow. Firefox defaults to block embedded Flash anyway nowadays.

    • Dex
      January 19, 2016 at 11:34 am

      Man, this is exactly what I do. NoScript is like firewall in a browser. Thumb up!

    • Dann Albright
      January 23, 2016 at 7:02 pm

      Yeah, that's definitely one malware-blocking strategy. It's especially good for malvertising, though it won't protect you from absolutely everything. Still helps to be aware of when you're at a site that's statistically more likely to infect you!

      • fred
        January 23, 2016 at 7:43 pm

        well, Dann, nothing short of cutting the network cord is absolutely effective (short of DeepFreeze, it's a great program) hehe.. so it's mainly about reducing risk.. and being extremely careful where you go and what you do.

  3. cloud81
    January 19, 2016 at 2:27 am

    The sentence "Download a good anti-virus package" has a link which refers to a nearly 6 year old page! Much has changed since 2010.

    Surely MUO could provide a more up to date list of suitable anti-virus?

    • Dann Albright
      January 23, 2016 at 7:01 pm

      Oops! Thanks for pointing that out. Will look into it.

  4. likefun butnot
    January 18, 2016 at 7:13 pm

    How to stay safe from drive-by malware infections? Treat all third-party advertising services as hostile. Block them. Do not make exceptions.
    Stopping ads from loading data fixes 99% of the potential for problems.

    • Dann Albright
      January 23, 2016 at 7:01 pm

      Yep, that's definitely one strategy to use. Not everyone is comfortable doing that, but if you are, it definitely helps.

      • fred
        January 23, 2016 at 7:44 pm

        Well, since malvertising has become a new attack vector, it is crucial...

Leave a Reply

Your email address will not be published. Required fields are marked *