Study: Web Trumps Email in Largest Malware Source

A new study reports websites are causing more malware infections than email. In the past, it was believed that email hacking and malware, also known as phishing, were the biggest threat to you or your business. Now a new report conducted by Osterman Research and provided by Trustwave shows surfing the web is more of a risk.

Looking at the most recent numbers of individuals and businesses affected by malware and viruses on their computer, the report revealed that about 74 percent of the incidents occurred as a result of web surfing. A lower 64 percent of emails were reported as being the cause, while just 14 percent was due to social media.

The managing consultant for Trustwave, Mike Park, remarks that people faced with cyber attacks like malware from web searching is nothing new, but the fact that it has now outweighs email attacks is somewhat surprising.

How the Web-Based Attacks Happen

The most recent type of web surfing malware attacks are through what is called a water hole attack, which targets businesses and organizations. In a water hole attack, hackers infect a specific targeted website that Internet user regularly visit with malware. They get into the website, through whatever security the website owner has up, and is able to cause a virus through this website. In some cases, it is a copycat website that looks just like another that is legitimate and secure.

Park also noted that there are even more risks with people loaning their laptops or tablets to others who are not as familiar with Internet security issues, and access these virus-ridden websites. The business owner might also be using their device at a remote location, where information sent over that network is not secure. It seems to be common among websites with streaming video and online games.

Because spamming attacks through email are not successful as they once were — thankfully due to email users being more vigilant about what they open —  hackers have resorted to more intricate ways of causing viruses and malware.

How to Protect Yourself

Aside from having a firewall, malware software, and security on your computer to avoid cyber attacks, there are other ways to surf more safely when using the Internet. Proper security training and best practices policies, including

are all good options.

Further, be sure all employees and anyone using company computers, devices or laptops know about how to surf safely. Teach them about the safe websites to use, looking for the https security lock on their toolbar before entering information, and never entering private or sensitive information over a shared and unsecure network. Additionally, have a cyber liability insurance policy in the event of a malware attack.