Ahead of International Women’s Day (8 March), Kaspersky experts conducted research which found malware-infected websites and phishing pages mainly targeting women – including community sites, forums with advice articles, online stores selling clothes or cosmetics, and more.

Some of the web pages were originally legitimate resources, later hacked by cybercriminals to spread malware.

Among the threats spread on the detected websites Kaspersky experts found web skimmers – usually embedded in the code of online shops to steal user payment data, leading to the potential financial loss for a victim.

Moreover, in the code of the pages the researchers also detected Balada injector, a malware that automatically redirects the user to bogus captcha pages, forcing the user to allow notifications from the website. If a victim agrees, their browser will constantly pop-up a huge number of intrusive notifications on third-party pages, imposing scam content.

SocGholish malware was also detected among web threats on women’s community sites. This threat persuades users to download and run a malicious script under the guise of browser updates. At different times, SocGholish infection was used to spread malicious remote admin tools, allowing an attacker to gain full access to the device without the user’s knowledge, data stealers or botnets, making the victim’s device to carry out cyberattacks itself.

Additionally, Kaspersky researchers detected several phishing pages masquerading as books about breastfeeding, pregnancy, and nutrition for fertility. To continue reading, victims had to enter their personal and bank card details. Once entered, this information was automatically transmitted to the attackers, while access to the book was never granted.

“The targets of cybercriminals know no bounds,” comments Victoria Vlasova, malware analyst team kead at Kaspersky. “Websites, irrespective of their audience, are vulnerable to mass attacks and what’s particularly concerning is that even reputable platforms can be infiltrated and compromised.

“As we celebrate International Women’s Day, we need to recognise the importance of safeguarding our online presence. It’s essential for women, who often face heightened risks online, to exercise caution when installing software or sharing personal information. It’s a reminder to prioritise our digital safety and empower each other by using reliable cybersecurity measures.”