Every hour, the ThreatSeeker Network scans more than 40 million websites for malicious code and nearly 10 million emails for unwanted content and malicious code.
79.9% of websites with malicious code were legitimate sites that have been compromised.
Since April 2010, the ThreatSeeker Network has detected over 1 million malicious URLs every month.
In 2010, script-based attacks, blended email campaigns, and SEO poisoning were all common.
In 2010, one organization used a Trojan Horse to steal banking information, raking in some $20 million.
Attacks in 2010 included those targeting critical infrastructures and the world’s biggest blogging platform.
The U.S. was the #1 country where malware connected on the Web.
Our research shows 22.4% of real-time search results on entertainment will lead to a malicious link.
Malware authors secretly host their wares on very popular legitimate websites.
The number of malicious websites jumped 111.4% from 2009 to 2010.
In 2010, on average, only one of every four AV companies detected the big brand name threats.
9% of data stealing attacks happened over email.
A high percentage of data loss is due to employee error, not insider theft.
52% of data stealing attacks occurred over the Web.
The Web continued to be the biggest path to malware.
65% of the top 100 most popular websites are categorized as social networking or search.
Reputation services have simply become ineffective as email plays one role in the grand scheme of larger blended attacks …
The top spam topic in email content was shopping at 12%.
In many cases, data loss is about good employees making bad mistakes.
The U.S. and China continued to be the top two countries hosting crimeware and receiving stolen data.
Among the top 10,000 popular sites in Twitter, entertainment sites dominated at 36%.
40% of all Facebook status updates have links and 10% of those links are either spam or malicious.
Websense Security Labs and ThreatSeeker Network discovered a new malicious spam campaign that spoofed job application responses at one popular website.
More than 80,000 email messages relating to World Cup soccer used an HTML attachment with an embedded JavaScript that led to a malicious website.
SEO optimization combined with rogue AV and email containing data stealing components will not slow.
Spam campaigns will continue to target the walls of Facebook and other social networking sites.
The threat landscape reveals new security threats and confirmed the ongoing menace of well-known threats.
The blended nature of today’s threats means security must integrate email, Web, and data technologies.
Websense is the leading provider of unified content security.
Websense is headquartered in the U.S. and has 26 offices with major operation centers in China, the U.K, and Israel.
Unlike other research labs, Websense has an unparalleled knowledge of malware and where it resides on the Web.
The Websense Security Labs blog delivers the most current information and breaking news about security research topics and advanced Internet threats.
