If you believe everything you read in some sections of the media, the internet is a dangerous place where there are nasty viruses and malware lurking at the end of every hyperlink just waiting to harm your computer. That is, of course, not true. But there are plenty of threats to both your online and offline safety and security and being aware of them is an important tool in your defence against them.
What are the most dangerous websites?
The answer to that question largely depends on how you define dangerous. Too much time on social media sites like Facebook, Twitter, and Instagram, for example, can be harmful to your mental health and increase the amount of stress you feel. Gambling and pornography sites can feed addiction, while certain sections of the so-called dark web can expose you to all kinds of real life danger.
However, for the purpose of this article, we’re going to define ‘dangerous’ as those parts of the web that host malware and are most likely to lead you to downloading a virus, ransomware or see your computer crypto-jacked. That is, websites with viruses to avoid.
There are a few obvious candidates for sites that host malware. Streaming sites that allow you to watch the latest movies for free are one. One example is FMovie. When we visited the site to research it, we were immediately presented with a pop-up window warning us that our version of Flash was outdated at that we need to update it — a sure sign that a site is hosting malware.
Sites that stream pornography or offer hacked passwords to pornography sites are another common host for malware, particularly adware, where unwanted windows or tabs open and try to make you watch adverts. The same is true of some file hosting sites, which are often used by those sharing copyright-protected or other illegal content. However, even well-known cloud services and file sharing sites can be used to host malware.
The general rule as that if a site is enabling something that is legally questionable, such as sharing copyright-protected content, or behaviour that many users would rather keep private, the higher the risk that it is hosting malware. These are websites to avoid. That doesn’t mean that well-known, reputable sites are immune, however. For example, in 2018, cryptojacking code was discovered on the website of US newspaper the LA Times.
Social media sites are also a popular place to distribute malware. Whether it’s bots on Twitter or Instagram posting links or cloned Facebook profiles that send you friend requests in order to harvest personal information, the threats on social media sites are numerous.
How does malware get on websites?
There are two ways malware can find its way onto a website: by a deliberate act on the part of the website, or when the website is hacked. While there are plenty of examples of websites, such as those discussed above, deliberately hosting malware in order to scam visitors by showing them adverts or trying to extract payment from them, or even hijack their computer to mine cryptocurrency, the most common way that malware is hosted on a website is for the site to be hacked.
Content management systems like Wordpress, Joomla, and Drupal are installed on millions of websites around the world. And so, when a flaw is discovered in one of those CMSes using it to hack multiple websites is relatively straightforward. While correctly installed, up-to-date versions of these CMSes present very little risk, the opposite is true on sites where they have been incorrectly installed or not updated.
How can I protect myself?
The short answer is: don’t visit websites that are likely to host malware. However, as we’ve seen, identifying those isn’t easy. In general, stay away from the so-called Dark Web, and especially sites that allow you to buy and sell things that are illegal. A good rule of thumb is that if you feel the need to hide your online activity from your ISP by, say using a VPN or proxy server, the likelihood of encountering malware is high. So, to protect yourself, don’t visit those sites. Likewise, don’t visit sites that allow you to stream the latest movies or download copyright-protected content for free — they are likely to be hosting malware.
The normal rules about clicking on links in email messages, social media posts, and websites also apply. Don’t click them unless you are absolutely sure where they lead.
What should I do if I think I’ve downloaded a virus?
If your computer is misbehaving, running particularly slowly, or you hear the fans start up much more often than normal, it’s worth scanning for malware. There are a couple of ways to do it. You can download an antivirus tool — there are several available that will scan your Mac or PC for viruses or you can use the malware utility in the app CleanMyMac X. It scans your Mac and compares what it finds with CleanMyMac’s regularly updated database of malware. If it finds anything nasty, you can remove it by pressing a button. With the help of CleanMyMac, you can find thousands of malware threats, including malware, spyware, ransomware, worms, and remove them in seconds. Download the app here (for free) and give it a try.
There is no definitive list of the most dangerous websites. By their nature, these website change domains and addresses regularly. However, there are certain types of websites that are more dangerous than others. As a general rule, the further you get from mainstream sites and closer to those whose activities are legally questionable, the more likely you are to encounter a site that hosts malware. To protect yourself, make sure your computer’s firewall is always switched on and if you have a Mac, don’t override the settings that limit what apps you can download. Above all, be vigilant.