Are you helping the cyber criminals distribute malicious code to your customers, friends and family? In the old days (well, the 90s) cyber criminals distributed malicious code via e-mail. Today the cyber criminals mostly use websites to distribute their nasty code. On average 30,000 new websites are identified every day (source Sophos Labs [Disclosure: I work for Sophos]) distributing malicious code to any users passing by. Many hold on to the idea that viruses are distributed from adult sites, gambling and other forms of vice but in reality the majority of these 30,000 sites are legitimate small businesses that are unwittingly distributing malicious code for the cyber criminals. You might be one of them. Another widely held web threat misconception is that cyber criminals only go after large enterprises or government organisations. I wish I had a dollar for every time someone said “but we are a small business, cyber criminals aren’t likely to target us” followed shortly by them getting hit by something nasty. Cyber criminals have automated scanning tools scouring the web looking for websites to infect to deploy their malicious code. Their target could be a personal blog, a small business website or a massive news site. Wherever there is a vulnerability they will happily capitalise on it to spread their wares.