Google has revealed it finds about 9,500 new malicious websites every day, including legitimate websites that have been compromised as well as sites set up specifically to distribute malware.
The company revealed these stats as part of its Safe Browsing initiative, which aims to raise awareness about online security. According to the company’s blog, the scheme was originally set up to safeguard Google’s own search results from malicious content and phishing websites. Now however it has evolved into a more general guide for helping webmasters keep their content secure.
As well as finding these infected websites, Google also flags them as potentially dangerous in an attempt to stop unwitting users from accessing the sites. Writing on Google’s blog, Niels Provos of the company’s Security Team said they show "several million" warnings every day.
"Approximately 12-14 million Google Search queries per day warn users about current malware threats, and we provide malware warnings for about 300 thousand downloads per day," he added.
Provos added that Google has also looked into what sort of sites attract to most malicious content.
"Online commerce sites are still favourite phishing targets because phishers are motivated by money," he wrote. "Some tried-and-true phishing methods are still used, but attacks are also getting more creative and sophisticated. Attacks are faster, with phishers sometimes remaining online for less than an hour to try to avoid detection. They’re also more geographically dispersed and are getting more targeted."
Provos went on to explain that Google is seeing an uptick in the number of users being presented with fake antivirus software – malware that tells the user they have an infection on their machine and prompts them to pay money to have it removed. However drive-by downloads are still a more popular method for infecting machines according to Google’s stats.
"Our system is designed to protect users at high volumes, but people still need to take steps to keep their computers safe. Ignoring a malware problem is never a good idea — if one of our warnings pop up, you should never click through to the suspicious site," Provos added.
