News

2019 Webroot Threat Report: Forty Percent of Malicious URLs Found on Good Domains

  • 6 March 2019
  • 6 replies
  • 2422 views
2019 Webroot Threat Report: Forty Percent of Malicious URLs Found on Good Domains
Userlevel 7
Badge +47
  • Community and Advocacy Manager
  • 1347 replies
Webroot revealed the results of the 2019 Webroot Threat Report, showcasing that while tried-and-true attack methods are still going strong, new threats emerge daily, and new vectors are being tested by cybercriminals. The report is derived from metrics captured and analyzed by Webroot's advanced, cloud-based machine learning architecture: the Webroot®️ Platform.

Explore the 2019 Webroot Threat Report


Notable Findings:
  • 40 percent of malicious URLs were found on good domains. Legitimate websites are frequently compromised to host malicious content. To protect users, cybersecurity solutions need URL-level visibility or, when unavailable, domain-level metrics, that accurately represent the dangers.
  • Home user devices are more than twice as likely to get infected as business devices. Sixty-eight percent of infections are seen on consumer endpoints, versus 32 percent on business endpoints.
  • Phishing attacks increased 36 percent, with the number of phishing sites growing 220 percent over the course of 2018. Phishing sites now use SSL certificates and HTTPS to trick internet users into believing they are secure, legitimate pages. Seventy-seven percent of phishing attacks impersonated financial institutions, and were much more likely to use HTTPS than other types of targets. In fact, for some of the targeted financial institutions, over 80 percent of the phishing pages used HTTPS. Google was found to be the most impersonated brand in phishing overall.
  • After 12 months of security awareness training, end users are 70 percent less likely to fall for a phishing attempt.Webroot found that organizations that combine phishing simulation campaigns with regular training saw a 70 percent drop in phishing link click-through.
  • Nearly a third of malware tries to install itself in %appdata% folders. Although malware can hide almost anywhere, Webroot found several common locations, including %appdata% (29.4 percent), %temp% (24.5 percent), and %cache% (17.5 percent), among others. These locations are prime for hiding malware because these paths are in every user directory with full user permissions to install there. These folders also are hidden by default on Windows®️ Vista and up.

Review the 2019 Webroot Threat Report


6 replies

Userlevel 7
Badge +55
Great information!🙂 It was interesting to read where Malware writers like to harbor their infections in certain computer systems folders...
Userlevel 7
Thanks Drew for the Threat Report. I downloaded the pdf to my desktop to read later today. ☺
Userlevel 7
Badge +47
Thanks Drew for the Threat Report. I downloaded the pdf to my desktop to read later today. ☺

It's a pretty big report with a TON of information. Enjoy it! 🙂
Userlevel 7
Badge +55
Thanks Drew for the Threat Report. I downloaded the pdf to my desktop to read later today. ☺

Great idea @ProTruckDriver ..🤗
Userlevel 4
Badge +5
Its amazing how many vendors to this day strongly suggest or require the C:\Temp directory to be white listed for their products to work correctly.
Userlevel 7
Badge +47
Hey everyone, I'm going to be moving this discussion over to this thread here: https://community.webroot.com/got-a-question-10/mcystil1-exe-threat-337785

Reply