Your IP:Unknown


Your Status: Unknown

Skip to main content

The usual suspects: Everyday online threats in numbers

You face cybersecurity threats every day — even if you don’t notice them. What should you be worried about in your daily online life?

hero statistick eye magnifying glass md

NordVPN’s Threat Protection Pro™ feature guards you against common online threats — but just how much danger is the average internet user exposed to every day? Our researchers have analyzed aggregated Threat Protection Pro™ data over a prolonged period to determine the kinds of threats that you’re most likely to encounter on the internet.

trackers malware ads blocked

All data was processed in accordance with NordVPN’s Terms of Use and Privacy Policy. Our findings were derived only from aggregated Threat Protection Pro™ usage statistics.

Malware: Hiding in plain sight

malware laptop threats md

Malware refers to any kind of programming that was deliberately designed to harm you or your device. This includes malicious software like viruses, trojans, ransomware, and spyware. Malware can steal sensitive data, encrypt important files, or even take over the machine, putting the criminal in complete control.

Most common malware blocked by Threat Protection Pro™

123,990 attacks intercepted


A virus that often targets system configurations and automated processes to cause disruptions.

46,891 attacks intercepted


A variant of the APC virus known for its ability to avoid detection and persist in infected systems.

43,298 attacks intercepted


A specific strain of the Redcap trojan, used for data exfiltration and system manipulation.

16,607 attacks intercepted


Adware that generates intrusive ads and can install unwanted software on infected devices.

14,906 attacks intercepted


A variant of the APC virus family that changes system files and settings.

14,644 attacks intercepted


A virus designed to hijack system resources to mine cryptocurrency without the user's consent.

7,273 attacks intercepted


Adware that also mines Bitcoin using the infected system's resources.

6,531 attacks intercepted


A trojan that’s used as a downloader for other malicious software.

5,896 attacks intercepted


A trojan that steals data and creates backdoors in infected systems.

4,220 attacks intercepted


A trojan that installs other malicious software on the infected system.

3,938 attacks intercepted


Potentially unwanted software distributed through infected torrent downloads.

3,642 attacks intercepted


A specific variant of the KAB trojan, known for its advanced data-stealing capabilities.

3,349 attacks intercepted


Ransomware that encrypts files on the victim's device, demanding payment for decryption.

2,759 attacks intercepted


Malware used in phishing attacks, tricking users into giving away sensitive information.

2,510 attacks intercepted


Botnet malware that creates a network of infected devices for coordinated attacks, like DDoS.

2,227 attacks intercepted


A generic name for a .NET-based dropper trojan that installs additional malware.

2,225 attacks intercepted


Spyware that’s difficult to detect and remove, often used for spying and data theft.

2,029 attacks intercepted


A variant of the APC virus, designed to disrupt processes on the infected device.

1,932 attacks intercepted


A generic name for agent trojans that enter devices by pretending to be benign software.

1,932 attacks intercepted


A potentially unwanted program and adware that bundles software with other installations.

Data collected from January 1, 2024 to June 1, 2024.

How malware infects your device

Unlike zero-day exploits and bugs, malware is not present on machines from the get-go — it must be actively brought onto your device, such as by downloading an infected file. One of the most common ways to get infected with malware is through phishing attacks. Scammers use deceptive misspellings of popular brands (such as spelling “Amazon” as “Arnazon”) to trick victims into clicking phishing links and downloading infected files.

In fact, 99% of all phishing attacks use just 300 brands for deception. The brands themselves are not at fault — such fakes hurt their reputation as well, forcing companies to actively hunt them down. But high brand awareness can lull victims into a false sense of security and get them to lower their guard.

brands spreading malware

While hackers can disguise malware as any file by renaming the executable and using double extensions, a few file types are much more likely to hide malware than others. Our research shows that users should be particularly careful when downloading files with the following extensions from the internet:

files extensions malware

Malware is also not distributed equally across the internet. Some web domain categories are particularly prone to harboring malware, with over half of all malware blocked by Threat Protection Pro™ coming from pages with adult content. According to our findings, users should be particularly careful when visiting websites within the following categories:

domain categories malware

Our research shows that the risk of getting infected with malware also varies by geographic region. The differences could be attributed to the varying levels of internet connectivity, economic development, and cybersecurity awareness between countries. From aggregated Threat Protection Pro™ data, we can infer that users in the following locations are most at risk of malware:

Countries most affected by malware

countries malware africa infographic

Beyond malware: Web trackers and ads

Web trackers are a broad category of privacy-invading tools that collect information on user activity. Trackers typically take the form of special scripts, browser cookies, or tracking pixels. Businesses use trackers to paint an accurate picture of you for targeted advertising — but if they suffer a data breach, the stored tracker data could end up falling into the hands of cybercriminals. The following domain categories feature the most trackers:

domain categories trackers

How to stay safe from common cyberthreats

Develop good cybersecurity habits

Cybercriminals prey on apathy, confusion, and ignorance, hoping that victims will forego due diligence. For example, most phishing attempts involve distorted names of popular brands.

Verify, download, scan, install

Malware executables may be disguised as or even hidden in legitimate files. Always verify the website you wish to download from, and always use anti-malware tools like Threat Protection Pro™ to inspect files you download. This includes suspicious email attachments.

Be careful where you go online

Certain web domain categories are much more likely to compromise your device than others. If you visit websites that are likely to contain malware, pay attention to what you type, click, and download.

Let Threat Protection Pro™ keep you safe

Threat Protection Pro™ received a huge update and now combines the best aspects of essential cybersecurity tools into one comprehensive security package. It will scan each file you download for malware, stop you from visiting malicious pages used for phishing, scams, and hosting malware, and block annoying ads.