Users are more at risk from malicious websites that steal credit cards than ever before, according to the latest IBM X-Force 2009 Mid-Year Trend and Risk report. Even legitimate sites may pose serious security risks.
The report's findings show an unprecedented state of insecurity as web client, server and content threats converge to create an untenable risk landscape.
According to the X-Force report, there has been a 508% increase in the number of malicious web links discovered in the first half of 2009.
This problem is no longer limited to malicious domains or untrusted websites, according to X-Force. There is also an increase in the presence of malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal websites, online magazines and mainstream news sites. The ability to gain access and manipulate data remains the primary consequence of vulnerability exploitations, X-Force warned.
The X-Force report identified increasingly sophisticated attacks, such as those using PDF vulnerabilities. From the first to the second quarter of 2009, the amount of suspicious, obfuscated or concealed content monitored by the IBM ISS Managed Security Services team nearly doubled.
X-Force Director Kris Lamb, said, "There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We've reached a tipping point where every website should be viewed as suspicious and every user is at risk. The threat convergence of the web ecosystem is creating a perfect storm of criminal activity."