If you believe everything you read in some sections of the media, the internet is a dangerous place where nasty viruses and malware are lurking at the end of every hyperlink, just waiting to harm your computer. That is, of course, not true. But there are plenty of threats to both your online and offline safety and security, and being aware of them is an important tool in your defense against them.

What are the most dangerous websites?

The answer to that question largely depends on how you define dangerous. Too much time on social media sites like Facebook, Twitter, and Instagram, for example, can be harmful to your mental health and increase the amount of stress you feel. Gambling and pornography sites can feed the addiction, while certain sections of the so-called dark web can expose you to all kinds of real-life danger.

However, for the purpose of this article, we’re going to define ‘dangerous’ as those parts of the web that host malware and are most likely to lead you to downloading a virus and ransomware or see your computer cryptojacked. That is, ew imply that websites with viruses are websites to avoid.

There are a few obvious candidates for sites that host malware. Streaming sites that allow you to watch the latest movies for free are one. One example is FMovies. When we visited the site to research it, we were immediately presented with a pop-up window warning us that our version of Flash was outdated at that we needed to update it — a sure sign that a site was hosting malware.

Sites that stream pornography or offer hacked passwords to pornography websites are common hosts for malware, particularly adware, where unwanted windows or tabs open and try to make you watch adverts. The same is true of some file-hosting sites often used by those sharing copyright-protected or other illegal content. However, even well-known cloud services and file-sharing sites can be used to host malware.

The general rule is that if a site is enabling something that is legally questionable, such as sharing copyright-protected content or behavior that many users would rather keep private, the higher the risk that it is hosting malware. These are websites to avoid. That doesn’t mean that well-known, reputable sites are immune, however. For example, in 2018, cryptojacking code was discovered on the US newspaper website, the LA Times.

Social media sites are also a popular place to distribute malware. Whether it’s bots on Twitter, Instagram posting links, or cloned Facebook profiles that send you friend requests to harvest personal information, the threats on social media sites are numerous.

How does malware get on websites?

There are two ways malware can find its way onto a website: by a deliberate act on the part of the website or when the website is hacked. While there are plenty of examples of websites, such as those discussed above, deliberately hosting malware in order to scam visitors by showing them adverts and trying to extract payment from them or even hijack their computer to mine cryptocurrency, the most common way that malware is hosted on a website is for the site to be hacked.

Content management systems like WordPress, Joomla, and Drupal are installed on millions of websites worldwide. And so, when a flaw is discovered in one of those CMSes, using it to hack multiple websites is relatively straightforward. While correctly installed, up-to-date versions of these CMSes present very little risk; the opposite is true on sites where they have been incorrectly installed or not updated.

What can happen to your Mac after visiting a dangerous website?

Visiting a dangerous website can have an adverse effect on your Mac. A website is defined as dangerous if it has malware-infected links, which you may be exposed to either before you reach the website or after you get there.

If you’re exposed to them before you get there, it could have been from a phishing email, an infected email attachment, a link sent to you in an SMS or chat message, or a QR code.

Clicking any of the above can either lead to a direct malware download link or to a website with pop-up ads and/or compromised free software.

If you click one of these links, it could download various forms of malware, such as spyware, adware, ransomware, a remote access trojan, or a browser hijacker. All of these will have major effects on your Mac, as one of the byproducts of malware can be damage to the inner components of your device, not to mention files being corrupted or deleted.

Does your Mac or browser alert you about malicious websites?

Your Mac has 2 built-in security features to help protect you against toxic websites. However, they run more or less silently in the background, so there’s no “alert.” XProtect is your Mac’s malware scanning tool, and Gatekeeper monitors all new incoming apps for potentially malicious code.

A browser, on the other hand, will alert you if you are about to visit a dangerous website. Safari, Chrome, and Firefox will all alert you if the website you want to go to has a missing HTTPS certificate or if the site is a high-risk destination.

However, there’s nothing to stop you from ignoring browser warnings, and you need to enable the safe browsing features in the browser for them to work properly. So, it’s not completely perfect. It requires the user’s cooperation.

How to identify a dangerous website

There are tell-tale signs that a website is dangerous. Here are some things to look out for:

  1. There’s no HTTPS certificate: This isn’t always a sign of a risky website, but in general, a non-HTTPS website should be avoided, especially if it’s an e-commerce site. You definitely should not put your credit card details into one.
  2. It tells you to update a device feature: If the first thing the website does is tell you to update something on your Mac — such as Flash — consider this a red flag. This could be a trick to get you to install malware on your device. Ignore it and leave the site.
  3. There are lots of pop-up ads: Dangerous websites want to sell you dangerous products, not just to steal your personal information, but also to get malware onto your Mac to wreak even more havoc. If you are suddenly assaulted by lots of pop-up ads, then leave.
  4. The grammar and design is atrocious: The grammar and design are atrocious: Again, this is not always a sign of danger — some people are just notoriously bad at spelling and design. But this can also be an indication that something is wrong.
  5. Long, strange URLs: Before clicking a link, hover your mouse over it and look at the URL in the bottom-left corner of the browser screen. If the URL is long and complex, that is a major red flag.
  6. Something feels “off”: Never underestimate the power of a gut feeling. Some websites just give off bad vibes as soon as you arrive. If you find yourself feeling uncomfortable, trust your instincts and leave.

How can I protect myself from unsafe websites?

Here are some pointers for decreasing your chances of visiting an unsafe website:

  • Switch on safe browsing: As we said, each of the big browsers (Chrome, Firefox, and Safari) has security features designed to protect you against online threats. Go into your browser’s settings and enable them.
  • If in doubt, run a web search: If you’re unsure of a website URL, type it into Google. The search engine won’t index anything known to be dangerous. If the site shows up, you can probably trust it. Not there? That’s a bad sign.
  • Stay away from the dark web: We get it, the dark web sounds alluring. But where there are drugs, hitmen, weapons, and shadowy people in shadowy basements, you can bet there is also malware.
  • Use a VPN: If you absolutely must go to a website that is less than safe, use a VPN (virtual private network). It will encrypt your web traffic and conceal your IP address. The best one is, by far, ClearVPN.
  • Don’t click email links or download email attachments: Obviously, if an email is from a trusted relative or friend, then it’s likely safe to click a link or download an attachment. But if the email comes from a stranger or an acquaintance who you don’t fully trust, don’t click or download anything. The same goes for SMS and chat links.
  • Run links through VirusTotal: If you really need to click on a link, run it through VirusTotal first. This will analyze the link and tell you where it leads and whether or not it’s dangerous.

What to do if you’ve downloaded a virus from a dangerous website

If your computer is misbehaving or running particularly slowly, or if you hear the fans start up much more often than normal, it’s worth scanning for malware.

The fastest way to do it is by using the Protection feature in CleanMyMac, powered by Moonlock Engine.

CleanMyMac scans your Mac and compares what it finds with its regularly updated database of malware. If it finds anything nasty, you can remove it with the press of a button. 

With the help of CleanMyMac, you can find thousands of malware threats, including spyware, ransomware, and worms, and remove them in seconds. Sign up for 7 free days with CleanMyMac and give it a try.

There is no definitive list of the most dangerous websites. By their nature, these website change domains and addresses regularly. However, certain types of websites are more dangerous than others. As a general rule, the further you get from mainstream sites and closer to those whose activities are legally questionable, the more likely you are to encounter a site that hosts malware. To protect yourself, make sure your computer’s firewall is always switched on, and if you have a Mac, don’t override the settings that limit what apps you can download. Above all, be vigilant.