“There are countless examples where trusted sites have been compromised to host malware, or code that will redirect the user to a malware site,” said report author Chenxi Wang. “It’s important for operators of trusted sites to be extremely vigilant about the security of their sites so that there is no possibility they could be compromised.”
For sites with large quantities of user-generated content, Wang recommended automated scanning tools to check if any content being uploaded contains malware.
Another conclusion of the report is that firms’ brands are more at risk than ever before from phishing attacks. The new anti-phshing toolbar in IE7 will help users to a certain extent, but to “eradicate phishing completely will require a shift in user behaviour to greater vigilance” said Wang.
But Wang warned that internet service providers are unlikely to take a more proactive stance in scanning traffic for phishing sites and malware because of the risk of false positives, and the degradation of service that may result.
The report also highlights the sophistication of the criminal networks which write and disseminate malware for profit; describing various players in the chain from malware producers, through bot net operators to attack launchers.
“A question I raised in the report is ‘what can the good guys do to disrupt this underground economy and break the economic chain to turn things to our advantage?’,” said Wang.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
