What are the most dangerous sites on the Web?

If you believe everything you read in some sections of the media, the internet is a dangerous place where nasty viruses and malware are lurking at the end of every hyperlink, just waiting to harm your computer. That is, of course, not true. But there are plenty of threats to both your online and offline safety and security, and being aware of them is an important tool in your defense against them.

What are the most dangerous websites?

The answer to that question largely depends on how you define dangerous. Too much time on social media sites like Facebook, Twitter, and Instagram, for example, can be harmful to your mental health and increase the amount of stress you feel. Gambling and pornography sites can feed the addiction, while certain sections of the so-called dark web can expose you to all kinds of real-life danger.

However, for the purpose of this article, we’re going to define ‘dangerous’ as those parts of the web that host malware and are most likely to lead you to downloading a virus, ransomware, or see your computer crypto-jacked. That is websites with viruses to avoid.

There are a few obvious candidates for sites that host malware. Streaming sites that allow you to watch the latest movies for free are one. One example is FMovie. When we visited the site to research it, we were immediately presented with a pop-up window warning us that our version of Flash was outdated at that we need to update it — a sure sign that a site is hosting malware.

Sites that stream pornography or offer hacked passwords to pornography sites are common hosts for malware, particularly adware, where unwanted windows or tabs open and try to make you watch adverts. The same is true of some file-hosting sites, often used by those sharing copyright-protected or other illegal content. However, even well-known cloud services and file sharing sites can be used to host malware.

The general rule is that if a site is enabling something that is legally questionable, such as sharing copyright-protected content or behavior that many users would rather keep private, the higher the risk that it is hosting malware. These are websites to avoid. That doesn’t mean that well-known, reputable sites are immune, however. For example, in 2018, cryptojacking code was discovered on the US newspaper website, the LA Times.

Social media sites are also a popular place to distribute malware. Whether it’s bots on Twitter or Instagram posting links or cloned Facebook profiles that send you friend requests to harvest personal information, the threats on social media sites are numerous.


How does malware get on websites?

There are two ways malware can find its way onto a website: by a deliberate act on the part of the website or when the website is hacked. While there are plenty of examples of websites, such as those discussed above, deliberately hosting malware in order to scam visitors by showing them adverts or trying to extract payment from them or even hijack their computer to mine cryptocurrency, the most common way that malware is hosted on a website is for the site to be hacked.

Content management systems like WordPress, Joomla, and Drupal are installed on millions of websites worldwide. And so, when a flaw is discovered in one of those CMSes, using it to hack multiple websites is relatively straightforward. While correctly installed, up-to-date versions of these CMSes present a very little risk; the opposite is true on sites where they have been incorrectly installed or not updated.

How can I protect myself?

The short answer is: don’t visit websites that are likely to host malware. However, as we’ve seen, identifying those isn’t easy. In general, stay away from the so-called Dark Web, especially sites that allow you to buy and sell illegal things. A good rule of thumb is that if you feel the need to hide your online activity from your ISP use a VPN. We urge you to try out ClearVPN — MacPaw's first effortless VPN or a personalized and secure online experience. Certainly, to protect yourself, it's easier not to visit risky sites. However, you can never be certain if this or that site is truly risky for you. ClearVPN's anti-malware shortcuts will come in handy!

The normal rules about clicking on links in email messages, social media posts, and websites also apply. Don’t click them unless you are absolutely sure where they lead.

What should I do if I think I’ve downloaded a virus?

If your computer is misbehaving, running particularly slowly, or you hear the fans start up much more often than normal, it’s worth scanning for malware. There are a couple of ways to do it. You can download an antivirus tool — there are several available that will scan your Mac or PC for viruses, or you can use the malware utility in the app CleanMyMac X. It scans your Mac and compares what it finds with CleanMyMac’s regularly updated database of malware. If it finds anything nasty, you can remove it by pressing a button. With the help of CleanMyMac, you can find thousands of malware threats, including malware, spyware, ransomware, worms, and remove them in seconds. Download the app here (for free) and give it a try.

Malware scan in process

There is no definitive list of the most dangerous websites. By their nature, these website change domains and addresses regularly. However, certain types of websites are more dangerous than others. As a general rule, the further you get from mainstream sites and closer to those whose activities are legally questionable, the more likely you are to encounter a site that hosts malware. To protect yourself, make sure your computer’s firewall is always switched on, and if you have a Mac, don’t override the settings that limit what apps you can download. Above all, be vigilant.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.