Increasing number of malicious websites and malware have made vulnerable to internet access. Yesterday, Google reportedly stated that it finds out about 9,500 new malicious websites everyday. The search engine giant has also explained, everyday it warns approximately 12-14 million internet users those search for queries on Chrome browser.
Google has claimed to protect 600 million users through its ‘built-in protection’ for different browsing platform–including Chrome, Firefox and Safari–on which it shows several million of warnings every day to internet users. Google provides malware warning for about 300 thousands downloads each day through ‘download protection service’ on Chrome platform. In addition to these, it sends thousands of notifications to webmasters, Internet Service Providers (ISP) & CERTs per day.
The graph (above) is demonstrating how Phishing sites are increasing month-over-month. In February of this year, number of phishing site discovered surpass 300,000 figures. Phishing attacks are getting smarter, creative and sophisticated day-over-day. Sometimes, many phishing webpage (URLs) remain online for less than an hour in order to avoid detection. Now, these attacks are globally targeting to companies, merchants and banks.
Phisher are mainly targeting to online commerce sites including eBay and PayPal. Phishing sites use to identify the inclinations of users towards specific gear on popular websites and social networking sites and provoke them to install malware software on their ‘internet accessing device’.
There are mainly two categories of websites that harm visitors; first, Legitimate websites, and second, Attack website. A graph for ‘infected sites discovered monthly’ has been given above. It’s pretty clear from the above graph that infected sites discovered at the beginning months of 2009 were almost at the maximal levels.
‘Attack sites discovered’ are continuously increasing month-over-month since last year. The attack sites often offer ‘Drive by Download’ to users, which leverage over vulnerability in the browser to execute a malicious program on users’ computer prior to their permission. ‘Drive by Download’ are responsible for running of variant malicious program on users ‘internet accessing device’ such as spyware—which gather information like banking credentials—and Malwares–use the computer for sending spam.
Source: Google Blog