Here are just a few of the techniques cybercriminals commonly use to distribute malware on the web:
Blackhat search engine optimization (SEO) ranks malware pages highly in search results.
Social engineered click-jacking tricks users into clicking on innocent-looking webpages.
Spearphishing sites mimic legitimate institutions, such as banks, in an attempt to steal account login credentials.
Malvertising embeds malware in ad networks that display across hundreds of legitimate, high-traffic sites.
Compromised legitimate websites host embedded malware that spreads to unsuspecting visitors.
Drive-by downloads exploit flaws in browser software to install malware just by visiting a webpage.
Malicious code typically installs spyware or malware by exploiting known vulnerabilities in your browser or
associated plugins. These malware threats include:
Fake antivirus to extort money from the victim.
Keyloggers to capture personal information and account passwords for identity or financial theft.
Botnet software to subvert the system into silently joining a network that distributes spam, hosts illegal content
or serves malware. http://www.rmaster.com