Researchers at PandaLabs have released a study detailing the most popular "bait" used to lure unsuspecting users into malware-laden traps.
Videos/multimedia, installers/updates, and cracks/keygens took the top three spots, together accounting for about 63% of the enticements leading to malware infected sites.
The data is based on analysis of malware-infected sites Panda Security customers attempted to access, but that were subsequently blocked by the company's antivirus software.
"Users continue to fall victim to malicious links offering to take them to an exciting video or the new episode of their favorite TV show. This technique has become a weapon of choice for hackers as it requires minimum investment and attracts a large number of victims. Most of these sites download Trojans onto users’ computers without their knowledge. Therefore, a good security solution capable of blocking them proactively is extremely helpful for users who, in most cases, cannot distinguish between ‘good’ and ‘malicious’ websites," said Luis Corrons, Technical Director of PandaLabs.
The most blocked URL's revealed in the study all had one thing in common - sensational subject matter. Some were related to leading news events of the day, while others could be classified as gossip or carnival side-show fare.
The top three in this report were all of Brazilian origin, and included what claimed to be a video of Japanese tsunami rescue operations, a video of the accidental electrocution of a a group of people, and a video of the dismissal proceedings for police officer accused of inappropriate internet use.
“Attackers exploit hot topics and users’ morbid curiosity. Who is not interested in watching the latest footage of such a devastating natural disaster as Japan’s recent earthquake?” Corrons says.
The study also demonstrates that malware traps follow popular web user search themes - the more popular a topic, the more likely there will be malware infested links associated.
“There are no hidden secrets when it comes to finding out if a website is legitimate or not, and it is increasingly complicated for users to differentiate them. And even worse than becoming infected is the fact that you might not even know it if you don’t have a good security solution installed," Corrons continued.