Malware targeting online porn account credentials more than doubled in 2018 with more than 110,000 people facing these attacks.

Kaspersky researchers found the number of attacks using these credential sniffing malware grew almost three-fold compared to 2017 with more than 850,000 attempts to install the malicious malware, according to their “Threats to users of adult websites in 2018” report.

Pornhub was the most commonly spoofed page with researchers detecting 37,144 attempts to visit phishing versions of the website, compared to just 1,161 total attempts to visit phishing versions of Youporn, Xhamster, and Xvideos.

Despite the uptick in credential theft, researchers found that searching for pornography online has become safer overall with a 36 percent drop in attacks launched from online resources affecting 650,000 users in 2018 compared to more than a million in 2017.

To compensate for increased user protections, threat actors are actively using popular porn-tags to promote malware in search results with the 20 most popular tags making up 80 percent of all malware disguised as porn.

Basic cybersecurity hygiene including checking links in search results, only using trusted search engines,only  purchasing subscriptions through official sites and scanning email attachments can help prevent attacks.