According to Sophos, Blogger, or blogspot.com, plays host to about 2% of the worlds web-based malware making it the number one single malicious code host worldwide. Blogger and other websites like it make it easy for anyone to create and publish websites. In doing so it is easy to post and distribute malware such as the ‘Mal/Iframe’ which accounts for 34% of infections.
How can we protect ourselves? Besides using current, up to date, and active antivirus (anti-malware) software there are a few other things to consider. Ensure that your operating system and Internet browser updates are being applied. Don’t be tempted by flashy new features in beta versions of your favorite web browser. These beta versions are for testing and should not be used for daily use and especially should not be used for confidential, sensitive, or financial information. And don't use un-reliable third party plug-ins or controls.
In a large environment, or domain, create good policy that prevents the installation and use of unauthorized web browsers. Lock your domain into the use of a single browser that you control and you can update. Security aside, locking the enterprise to a single browser also simplifies troubleshooting and support.
John "Mike" Wright