1 in 50 URLs are malicious, nearly one-third of phishing sites use HTTPS and Windows 7 exploits have grown 75% since January. A new Webroot report also highlights the importance of user education, as phishing lures have become more personalized as hackers use stolen data for more than just account takeover.

Hackers are using trusted domains and HTTPS to trick victims. Nearly a quarter (24%) of malicious URLs were found to be hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block. 1 in 50 URLs (1.9%) were found to be malicious, which is high given that nearly a third (33%) of office workers click more than 25 work-related links per day. Nearly a third (29%) of detected phishing web pages use HTTPS as a method to trick users into believing they’re on a trusted site via the padlock symbol.