If you want to keep your computers and networks protected from malware, it is important to train your staff how to identify a malicious website. You should also install a powerful web filtering solution to ensure your employees’ malicious website identification skills are never put to the test.
Cybercriminals are developing ingenious ways of compromising networks
Scammers and cybercriminals used to mainly send out emails with infected attachments. Double clicking on the attachment would result in the computer, and possibly the network, being infected with malware. Oftentimes, this action would go undetected by anti-virus software programs. A full system scan would need to be conducted before the malicious software was identified.
Computer users are now much wiser and know never to open file attachments that have been sent to them by unknown individuals, and certainly never to double click on an executable file. Hackers and other cybercriminals have therefore needed to get smarter, and are now developing ever more sophisticated ways of obtaining user credentials and getting people to install malware manually. One of the ways they are doing this is by developing malicious websites.
End users are contacted via email and are sent links to websites along with a valid reason for visiting the site. Links to malicious websites are also frequently sent out in social media posts or are placed in third party website adverts. Some sites are hijacked and visitors are redirected to fake sites automatically.
What is a malicious website?
Malicious websites host malware or are used to phish for sensitive information. In the case of the latter, users are tricked into revealing sensitive data such as login credentials for online banking websites.
Malware may require some user interaction before it is installed. Visitors may be tricked into downloading a security program, for instance, by being informed their computer is already infected with malware. They may be offered a free screensaver, or asked to download a fake PDF invoice.
Increasingly, malicious websites are used to host exploit kits. Exploit kits probe visitors’ browsers to identify security vulnerabilities that can be exploited without any user interaction required. If a vulnerability is detected, malware can be installed automatically on the computer or network. This method of cyberattack is called a drive-by download. Drive-by downloads can involve malware being installed onto the computer’s hard drive, a network drive, or even loaded into the computer’s memory.
Learning how to identify a malicious website is important if you want to prevent your computer from being infected, and it is essential for system administrators and other IT professionals to conduct staff training to help end users avoid these dangerous sites.
How to identify a malicious website
There are some easy ways to tell if a website is attempting to install malware:
- The website asks you to download software, save a file, or run a program
- Visiting the website automatically launches a download window
- You are asked to download an invoice or receipt, such as a PDF file, .zip or .rar, or an executable file or .scr screensaver file
A malicious website may also tell you:
- Your computer is already infected with malware
- Your plug-ins or browser are out of date
- You have won a competition or free prize draw. You may also be offered free money or vouchers that require you to enter your credit card or banking information
If you are asked to download any files or update your software, conduct a check of the site via Google and try to determine whether the site is genuine. If in doubt, do not download any files.
If you are told your browser is out of date, visit the official browser website and check your version number. Only ever download updates from official websites.
If you have accidentally visited a drive-by download site, by the time that you have connected it may be too late to prevent malware from being downloaded. To protect against drive by downloads you must ensure that your browser, add-ons, and plugins are 100% up to date. You should also use a software solution to block access to drive-by download sites.
How to block end users from visiting a malicious website
Even legitimate websites can be hacked and used to host malicious code. They may use advertising networks that are used by cybercriminals to direct visitors to malware-hosting websites. The best defense is to block these adverts and malicious websites.
Blocking access to malicious websites is a simple process. All it requires is a powerful web filtering solution to be installed. WebTitan web filtering solutions for the enterprise will help you keep your network secure by preventing users from visiting sites known to host malware.
WebTitan uses two powerful anti-malware and anti-phishing engines – Bitdefender and Clam AV – to detect malware-hosting websites. When malicious sites are detected; they will be blocked. WebTitan can also be configured to block access to questionable or illegal content.
If employees are trained on malicious website identification and web filtering software is installed, your network will be much better protected from malware infections and other web-based threats.