Religious Sites Carry More Malware Than Porn Sites, Security Firm Reports

[Bugbatter]

Religious and ideological websites can carry three times more malware threats than pornography sites, according to research from security firm Symantec. The firm's annual Internet Security Threat Report also found that threats to mobile devices continue to grow, almost exclusively for Google's Android mobile OS.

Complete article:
http://www.networkworld.com/news/2012/043012-religious-sites-carry-more-malware-258802.html

[Hoov]

People with a religious message seem to be more trusting, idealogs can't understand that someone might take advantage of their narrow view. Pornographers on the other hand know that half the world hates them and are targeting their sites.

[1972vet]

People with a religious message seem to be more trusting...

This is it exactly. "Trusting", not so much that they'd click on any ole thing, but also "trusting" such that many of these folks believe if they have an antivirus product installed, they're safe...which is about as foolish as believing when folks say "the check's in the mail", that they'll actually get it.

[joe53]

Hmmm, you can always trust the press to never let facts get in the way of a catchy headline.

The word "religious" appears exactly once in Symantec's report, on page 33:

"Moreover, religious and ideological sites were found to have
triple the average number of threats per infected site than
adult/pornographic sites." [emphasis added]
http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_2011_21239364.en-us.pdf?om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2012Apr_worldwide_ISTR17

In fact, religious and ideological websites are not even listed in the top 10 list of "Most Dangerous Web Site Categories" (page 36, fig 16), whereas pornography ranked #10. The category with 3x the rate of infection of porn sites is actually Education/Reference (#6 on the list).

Nowhere in that report is the infection rate for religious websites stated. That will not stop the pundits and atheists from having a field day with that headline, however.

[1972vet]

Joe hit the nail just right...ya got to sell those papers and it's the headlines that catches the eye. I'm still collecting bogus headlines, and I think I'll add this one now. My favorite is "I made love to Big Foot" lol

[Bugbatter]

You do realize that I post some of the articles in this forum just to initiate discussion (and push your buttons) , don't you? 

[1972vet]

An interesting hypothesis that Symantec makes, in relation to the mention made by joe53, that "religious and ideological sites were found to have triple the average number of threats per infected site than adult/pornographic sites" is:
"We hypothesize that this is because pornographic website owners already make money from the internet and, as a result, have a vested interest in keeping their sites malware-free-it's not good for repeat business."

...and I'd have to say that makes sense to me. Probably right on the mark. I'd also like to point out the distinction made which can easily be overlooked. That is, their statement here:
...triple the average number of threats per infected site than adult/pornographic sites...

The way I understand that as it reads, is that for each infected web site there were found to be triple the average number of threats, and not triple the risk or rate of infection simply by visiting a religious or ideological web site as compared to a typical porn web site. Note also that no attempt is made to define "infection", which could quite possibly include something as simple as adware.

Let's reduce their statement to it's base and say...there is just one religious/ideological web site out there. Just one. And that one is infected. Now...the way the statement reads, you could rightly assume that the infected site has three times the number of infections on that particular web site than any particular porn site that may be infected.

Also of note, is that to compare such a thing is something on the order of apples to oranges. If you consider that the three "infections" on some religious/ideological web site could be adware and compare that to a rootkit infection on a typical porn site, then you can make a better decision as to which is the greater risk.

In my mind, it seems they have constructed the headline to imply that there are three times as many infected "religious or ideological" web sites than there are porn sites which also seems to imply that one has three times the risk of infection visiting ANY of those religious or ideological web sites over any particular porn site...and nothing I can think of is further from the truth in that regard. The typical Internet user who glances over headline may very well read this that way.

In the decade or so that I've worked to remove malicious code from a users system, I will say without reservation that I've found an overwhelming majority of them came from porn sites...peer to peer comes in at a very close second place.

[Hoov]

Joe hit the nail just right...ya got to sell those papers and it's the headlines that catches the eye. I'm still collecting bogus headlines, and I think I'll add this one now. My favorite is "I made love to Big Foot" lol

Leave my ex girlfriend out of this, besides my feet are not all that big.


While it is true that news organizations do love sensationalizing headlines, it is also true that companies like to toot their own horn and slant results in a direction that will be beneficial to them.

I don't trust pharmaceutical test results done by drug companies, I also don't trust security studies done by security companies, at least not on the surface. I want the raw data so I can draw my own conclusions. Symantecs report sure looks pretty with all the graphics and what not, but it is going to take some time to really dig into it and figure out what it really says.