Letter: Websites must protect users

While I agree with Bruce Schneier that a shift in approach to dealing with fraudulent online transactions is necessary (The End, SC May), he fails to address an important fact about today's online world: most websites hosting malicious code are, in fact, legitimate.

Counterfeit websites working to craftily steal users' personal detailsand passwords are undoubtedly a serious problem, but research shows thata whopping 70 per cent of web-based malware is being hosted on innocentbut exploited websites.

The consumer assumes that a genuine website must be safe from cyberattack, but many sites are not because their owners are failing toproperly maintain them and keep up to date with patches.

It is the responsibility of web-hosting companies, as well as thebusinesses selling goods or services online, to guarantee the safety oftheir sites and protect users.

Graham Cluley, senior technology consultant, Sophos.

prestitial ad