In the first two months of 2025 alone, 12.5% of computers monitored by Kaspersky Industrial CyberSecurity (ICS) solutions were attacked by malware – putting this year on track to surpass the 38.34% of attacks recorded in 2024. With cyber threats on the rise, staying safe online has never been more critical.
According to Kaspersky ICS Cert statistics, the Internet remains the primary source of malware, accounting for 20.73% of attacks in 2024. This is five times higher than the second largest threat (email), which accounted for 4.15%. Malicious websites continue to pose a significant threat to those browsing the Internet at home and in the workplace.
It remains essential to be aware of the risks of browsing the Internet and understand how to identify and avoid dangerous websites. Visiting unsafe websites can expose you to cyber threats, identity theft, and financial fraud. While cybersecurity solutions provide strong protection from online threats, knowing how to identify a malicious website adds a layer of protection when browsing the Internet.
What is a Malicious Website?
A malicious website is any website designed to cause harm to the users and/or devices that access it.
This might involve installing malware on the user’s device or otherwise attempting to steal their data or compromise their identity or assets. Dangerous websites may look very similar to any other website on the Internet. Some provide a genuine service while additionally infecting your device with malware, whereas others might emulate popular brands or organizations in an attempt to mislead the visitor.
Types of Malicious Websites
Websites can be malicious for different reasons, and the tell-tale signs will vary for each, so it’s worth understanding the dangers that can be posed. Generally speaking, there are two types of malicious websites:
- Those that seek to mine data or money from a visitor (otherwise known as phishing or fraudulent websites).
- Those that deliver malware to a user’s device. However, these two types of websites can take multiple different forms, each with slightly differing objectives.
1. Phishing or Fraudulent Websites
Phishing or fraudulent websites both deceive users into parting with their money or personal data, although they may do so in slightly different ways.
Phishing Websites
With over 932,000 phishing websites recorded during the third quarter of 2024, phishing is the most common cybercrime worldwide. This is in comparison to 146,994 during the second quarter of 2020, demonstrating the alarming rate at which this practice continues to increase.
Websites operating phishing scams do so with the primary intent of stealing a user’s data – that might be login credentials or personal details (names, phone numbers, dates of birth) or financial information such as credit card numbers or online banking logins. These are usually sold to third parties or even used to extort money from the victim. Some common types of websites that they often emulate include banking websites, well-known e-commerce brands, and postage services.
To operate, these websites need to get users onto their pages before convincing them to enter said data. The most common way to do this is through scam email campaigns. These will often be disguised as originating from genuine organizations (such as parcel delivery companies) and will offer an update or claim that the user needs to view a secure message. The user will then be served a link to submit their data to allegedly access said update or message. Their entered details will be harvested and used maliciously against the user, whether to steal their personal details, money, or identity.
Fraudulent Websites
Perhaps the most rudimentary form of malicious website, fraudulent websites exist simply to convince a user to part with their money. This might be as simple as falsely advertising a product and failing to deliver the said product once the money has left the user’s account, or as advertising fake lotteries or fake job offers that sit behind a paywall.
More sophisticated fraudulent websites will masquerade as genuine commercial websites, usually belonging to well-known brands, such as Amazon. In 2024, Kaspersky products detected and blocked over 3.8 million phishing attempts, primarily those distributing Amazon-related scams and phishing pages. These trick a user into thinking they are dealing with a trusted retailer, once again failing to deliver on their offer, or providing an inferior or illegitimate product.
2. Malware Distribution Websites
With 560,000 pieces of malware detected every day, malware distribution websites are another common threat. They are particularly dangerous because they often offer the user a genuine service (pornography being a common example) making it easier for them to distribute said malware.
Malware websites trick users into downloading harmful files onto their devices. These downloads are often disguised as legitimate sources for things like free software installations or updates – or even virus protection. Unfortunately, they can also take a more sophisticated form, appearing as captchas and prompting users to copy harmful scripts onto their clipboards. Once a user installs a file or runs a script, it may damage their device, survey activity on the device, or steal data. Another common form of malware is ransomware, which locks a user out of their device or files and demands payment in return for unlocking the data.
There are a few nuances to be aware of when it comes to malware distribution:
Drive-by Downloads
Unfortunately, not all malware websites require active participation on the part of the user. ‘Drive-by-downloads’ is a term used to describe the practice of delivering malicious code to a user’s device without the user having to download anything or provide any information. This is often achieved through corrupted plugins or scripts, making it much harder for a user to detect when they are on a malware distribution website.
Cryptojacking
Cryptojacking is when a device is hijacked by a cryptocurrency miner to generate cryptocurrency. This essentially involves a hacker recruiting computer power to solve a complex encryption. Although a type of malware, it’s worth being aware of this specific practice as, while it may not pose an active threat to the user’s device or data, it does result in decreased computing performance due to the processing power it requires – which can be partial or absolute.
If you’ve noticed that your device has suddenly become very slow and unresponsive, you may be a victim of cryptojacking.
How to Identify a Malicious Website
When it comes to how to tell if a website is fake or malicious, unfortunately, there is no single surefire way, and some of them can be incredibly sophisticated.
Unsafe websites can commonly take the form of pornographic websites, or those emulating e-commerce, travel and accommodation, or social media sites. This doesn’t necessarily mean that every website in each of these categories will be malicious, but it’s worth exercising some extra caution when visiting websites that fall into any of these categories.
There are some common signs to look out for that are associated with malicious websites and, while any one of these signs in isolation may not necessitate a dangerous website, they should provide cause for concern and prompt closer investigation of said website:
Grammatical errors
The content on most legitimate websites (especially those owned by large brands or organizations) will have been written by a copywriter; someone with a strong grasp of language, skilled at writing persuasive and informative content. It’s therefore very unlikely that said copy will include any grammatical errors or spelling mistakes.
Lack of HTTPS URLs
The ‘s’ in HTTPS indicates that the website has an SSL (secure sockets layer) certificate and therefore enhanced encryption. While a website simply operating an HTTP URL may not necessarily be actively harmful, it does put users at risk from attackers looking to intercept data between a user and a website.
Incorrect domain names
It’s always worth checking the domain name of a website to verify its legitimacy. Fraudulent websites will often use slightly distorted domain names such as amazon1.com or amaz.on.
Unexpected prompts – Prompts to download software or pop-ups (often informing users that their device is infected) are a big indicator of unsafe websites.
Poor web design
Outdated web design or broken functionality (such as broken links or buttons) are both clear signs of a website that has been produced cheaply to offer little value to the user and should provide cause to question the website’s purpose.
Lack of legalese
The absence of a privacy policy or terms and conditions is indicative of an organization that does not prioritize web compliance or best practices and should prompt caution as to what other suspect practices they may be operating.
Redirects
Redirects to unexpected websites or pages can be an indicator of suspicious activity and an attempt to direct you toward malware or scams. Always question whether you think the redirect was warranted and check to see if the URL is as you would expect it to be.
It’s important to know how to spot a dangerous website of your own accord, but there’s no denying that dangerous websites are becoming increasingly sophisticated and more difficult to identify. Not to mention that, in most cases, it’s difficult to spot a malicious website until you’re on it, at which point your device is already susceptible to malware.
Protect Yourself from Malicious Websites and Browse with Confidence
Keep your devices and data free from viruses, malware, trojans, ransomware and other threats. Scan your devices now!
Try Premium for FreeHow to Protect Against Dangerous Websites
There are two ways to protect yourself against unsafe websites. The first is to exercise a healthy degree of caution and critical thinking when browsing the Internet and, if this is something you’re not confident with, it may be worth investing in some cybersecurity training. The second is to enlist the help of security software, such as Kaspersky Premium. Below are some common good practices to follow when using the Internet.
1. Use Multi-Factor Authentication (MFA)
Traditional security controls for sensitive data consist of a username and password, both of which can be easily compromised. Multi-factor authentication adds another step of security to your accounts, usually requiring you to use a secondary device to verify your access request.
When using your laptop to access your work email, for example, a multi-factor authentication app may send an alert to your personal smartphone, asking you to confirm that you have just tried to access your email account. This helps prevent cyber criminals from getting into your accounts, even if they have your username and password.
2. Leverage Email Security Tools
Most malicious websites offer no genuine value to users, meaning that it’s extremely difficult for them to rank in search engines and attract organic traffic. Instead, they must rely on other tactics to acquire visitors, the most common of which is operating scam email campaigns.
Make sure you avail yourself of the spam settings in your email client, enabling keyword filters to help prevent harmful emails from circumventing your settings. You can also consider using email security software to offer enhanced protection against spam and phishing campaigns.
3. Exercise Scepticism with Online Ads
Another way that cybercriminals may try to trick you into visiting their website is through misleading adverts. These might be placed on search engine results pages, other websites, or on social media. These can be avoided by exercising some critical thinking – if an offer sounds too good to be true, it often is. When using a computer, you can also hover over a link to see the destination URL. If it looks suspicious or doesn’t go where you would expect, don’t click it.
I Accidentally Clicked on a Malicious Website – What Should I Do?
If you’ve accidentally clicked on a malicious website, the action you should take will depend upon the type of website you’ve visited.
If you believe you have clicked on a malware distribution website, you should close the website immediately and disconnect from the Internet. Run your antivirus software and command it to search for any malware and follow the steps recommended by your software.
If you have visited a phishing or fraudulent website, it’s worth following the above advice as these websites may also contain malware. If you have disclosed any personal information, you should change your passwords immediately using a separate device. If the phishing attempt came from an email, use the ‘Report spam’ button in your email client. You should also report the website. If you have entered any financial details, contact your bank to revoke the transaction and cancel your debit or credit card.
Kaspersky Premium Security
While it’s important to keep abreast of developments in cybersecurity and online threats – and to educate yourself on how to avoid those threats – the best way to stay safe online is to always use internet security software.
Kaspersky Premium offers identity protection and a smart home monitor for all your connected devices, alongside real-time virus protection and online payment protection. Get protected today with our introductory offer.
Related articles:
What is Mobile Security? Benefits, Threats, and Best Practices
What is Spearfishing? Definitions and Risks
What to Do if You Think You Have Malware on Your Mac
Related products:
Enterprise Cyber Security for Industrie
