A web threat is any method of carrying out a cybercrime using social media, email with links to malicious websites, or otherwise enticing people to reveal personal information online. Web threats also can download malicious software called malware onto a user’s computer without them knowing, so the software can collect information and send it to an unknown party. Another technique is phishing, which involves persuading people to provide sensitive financial information under false pretenses. A personal computer may also be used as part of a botnet to create a network for cyber criminals to steal information and spread malicious code. Any web threat can cause severe financial damage and cause the loss of important business information, as well as damage sales, brand, or personal reputation.
With the sophisticated multimedia technologies built into websites, often referred to as Web 2.0, malware such as Trojans and spyware can be downloaded unsuspectingly just by visiting a site. The ability for nearly anyone to add content to websites and databases has created more opportunities for cybercrime as well. Corporate and personal accounts face the consequences of phishing, a common web threat. A website can mimic the site of a bank or other institution which the consumer or executive recognizes, and prompt them to input details that can be used for profit. Many times phishing is carried out via a link embedded in an email.
Web threats are not only perpetuated by visiting websites or opening emails. They are driven by the spread of social media as well, and even adding personal details to a social media website can put someone at considerable risk. Hackers go to extreme lengths to create their web threats, and often make use of legitimate website content and corporate logos. A malicious site is sometimes difficult to tell apart from a legitimate one, making detection and web security a challenge and heightening both personal and IT risk.
A web threat can be completely undetectable to a computer user. Malware can be downloaded simultaneously with webpage content using Hypertext Markup Language (HTML), in a process that is invisible to the user. Web threats can be spread so easily because they use access levels that need to be open for communications and information access. They are also harder to detect than viruses programmed to spread rapidly, because most threats change quickly and remain invisible before appearing. By the time it is discovered, a web threat can completely disable hard drives, operating systems, and expensive applications.