skip to main content

2,634 shops listed | Last updated: 08 December 2019

Monitor Add a site

Minor websites represent major security risk, experts claim

17 August 2010 - 15:01 by Paul Tissington

Share on

Small business websites that offer perfectly legitimate services are often those which pose the greatest threat to consumers, according to security vendor Avast.

Criminals are able to target major brands online for a relatively brief period, during which thousands could become exposed to spyware, but substantial businesses can quickly address any gaps in security and make sure that sites remain secure and uncompromised. The same cannot be said for the hundreds of thousands of smaller sites attempting to offer safe shopping online or content for niche interest groups, according to Avast's Ondrej Vlcek.

Avast believes that of the 85 per cent of websites that transmit malware, at least 60 per cent are perfectly legitimate, but are hijacked by hackers who then can easily lure in unsuspecting consumers over long periods of time because the site administrators cannot detect the threat or do not have the necessary funding to invest in security in order to protect customers.

High profile hijacking of major websites such as Vodafone has recently occurred, but these were only temporary blips in what is otherwise believed to be robust security. Avast recorded over 150,000 individual websites which contained malware in June and many of these belonged to smaller businesses and even some public sector organisations.

Mr Vlcek said that websites which were only updated or checked on an irregular basis could easily be taken over by hackers in an attempt to defraud users. He added that although thousands of websites are created with the sole purpose of stealing personal information and compromising safe shopping online, it was common to see legitimate sites corrupted with the same objectives in mind.

Avast has pointed to the dangers of online advertising, which represents one of the channels that criminals can exploit in order to spread malware and commit fraud, as ads and search engine results can also be manipulated to render legitimate sites unsafe.