Sex & gambling
Online, as in life, sex is a motivator. It’s estimated that 40% British men with internet access have visited a porn site at least once, according to Nielsen NetRatings. In other words, porn is big business and, like other major internet industries, it’s attractive to criminals.
Like the online music industry, the porn market is made up of a number of big players with high budgets, and a proliferation of smaller sites. But with porn, the weight of numbers is tipped far more heavily towards smaller sites.
The reason isn’t hard to work out: when people search for music online, they’re generally looking for a particular song or artist. But when it comes to pornography, consumer preferences are far looser; they don’t demand a particular film, or a particular set of photos. A website run from someone’s basement can compete with Playboy. Porn is cheap and easy to produce – an unscrupulous operator can even steal the content from other sites. This sort of copyright infringement is almost impossible to police, especially if the offending images are locked away in a “members only” area.
With such a low barrier to entry, and such high consumer demand, it’s no surprise that an estimated four million porn sites have sprung up. Very few have any reputation to speak of, and, given the amount of competition and the generic nature of the product, repeat custom is an unrealistic goal for most. Keeping visitors safe from malware isn’t necessarily a high priority. Indeed, for site operators, it could make more sense to try to rip visitors off themselves.
“These sites offer – so I’m told – free photos and free videos to entice you to go there,” explains Bridwell. “But that doesn’t make them any money. One thing that can make them money, however, is click-through payments, where they get paid for each time you click on a link or an advert. So, they might try to install adware on your machine, to track where you go and to feed you the right sort of ads.”
It’s a persuasive argument; yet our own searches for a variety of phrases like “sex videos” and “hardcore porn” each returned more than 200 completely clean pages – clean, at least, in terms of malware. Switching to cruder, more graphic search terms did bring up a handful of pages that were themselves clean, but contained links to dangerous sites. But these were all on the tenth page of results or later – you’d have to be extraordinarily persistent to find them.
One change that did make a striking difference was adding the word “free” into our search terms. Suddenly, infected pages started creeping in on the second or third page of results, in one case making it into the tenth position on the first page. Interestingly, most of these dangerous sites weren’t dedicated porn sites – they promised free sex videos alongside cracked software, MP3s and other illicit downloads. Clearly, rather than targeting pornography seekers, the scammers are using a blunderbuss approach, making a range of promises in the hope of luring as many gullible punters as possible. Online, avarice is a far more dangerous weakness than lust.
Taking a gamble
Unlike viewing pornographic images, playing online games involves running applications within your browser, or even directly in Windows, which offers scope for your PC to be compromised. But there isn’t much incentive for criminals to expend their efforts in hacking bespoke applications like this: they’re served only from a single site, whereas a generic attack can be used anywhere.