Internet and mobile security provider AVG last week released a global threat report which had some chilling insights into the way cybercriminals are hijacking legitimate sites and corrupting them.
Yuval Ben-Itzhak, the AVG international technology officer, told Signal the rise in "trusted malware" was especially concerning.
In the three months ended June, AVG's threat labs had seen an increase in the number of stolen digital certificates used to sign malware, before being distributed by hackers.
"A significant increase of more than 300% was identified at the start of 2011, compared to the whole of 2010."
Fortunately, online security firms were quickly forming a data base for digital certificates that were coming from hackers, stopping a wider attack, he said.
The process was called "stealing the keys to the house" which had become easier than breaking "Windows."
As digitally signed codes unlocked doors to enable a binary code to execute on a PC, hackers increased their efforts in stealing digital certificates to sign their malware with it before replacing it for a trusting user to download.
The certificates were widely used by software companies when people were buying security online, Mr Ben-Itzhak said.
The only way internet users could keep themselves safe from those attacks was to keep their authenticated security up to date as more black lists were compiled by security specialists.
This year had also seen a rise in attacks on Macs, something most Mac users had not believed would happen.
Mr Ben-Itzhak said hackers had thresholds they watched before they started to become interested in products.
In the case of Firefox, which was said to be the safest browser on the market, once global use rose to 5% hackers started becoming interested and now it was past 10% it was definitely a target.
Mac use had risen above 5% and was closing in on 10%. Attack toolkits were being circulated now for Mac and iPad devices. As Apple released more products, those, too, would become targets for hackers, he said.
"While it may be a new target platform, cyber criminals are using tried and tested social engineering techniques to attack Mac OS users."
Increasingly, cyber crooks were using mobile malware to make money by using premium SMS and fake apps, Mr Ben-Itzhak said.
Hackers took legitimate apps, changed a line or two of code, replaced the app back into the market - usually free to download - and waited.
Something as popular as Angry Birds had become a prime target. The game played as normal, but once users got to a certain level, premium text messages were sent from the phone or a text message was received asking the user to click on a link for a game upgrade. Once the link was clicked, malware was then loaded on to the phone, he said.
The report also provided an insight into the most prevalent malware targeting online banking in the past few years - SpyEye.
The rise in SpyEye meant that users of internet banking needed to be extra vigilant, especially as victims of cyber-attacks were increasingly considered to be accountable, Mr Ben-Itzhak said.
A recent court ruling in the United States concluded that it was the victim's responsibility to protect their account credentials, rather than the bank, through the use of internet security and identity protection tools.
"The World Wide Web might as well be rebranded as the World Wild Web. Our research indicates that hundreds of live servers operating around the world are active 24/7 to steal users' credentials for online banking and other private assets.
"As attack techniques of hackers continue to get more advanced, users need to take action."
Security products, with multi-layers of protection, are a "must have" to protect against the potentially damaging threats that lurked on the web, he said.
The users' computer platform was becoming irrelevant for the cybercriminals. Windows, Android, Mac and iOS were all targeted now, Mr Ben-Itzhak said.
