YNOT – When it comes to online sources of malware, threats are far more likely to reside on religious websites than adult websites. So says the 2011 Internet Security Report released this week by antivirus developer Symantec.

According to the 17th annual report, pornographic websites harbored fewer than one quarter the number of threats found on the average religious or ideological website. During 2011, religious sites presented an average of 115 threats each, most in the form of fake antivirus warnings. In contrast, adult sites offered an average of only 25 threats each.

Greg Day, Symantec’s chief technology officer for Europe, the Middle East and Africa, said although trojans and their ilk receive more bad press, fake antivirus warnings are potentially more damaging because, if unwary users click the wrong button or intentionally download the advertised product, their systems are left vulnerable to much worse attacks.

The report also notes the number of unique malware variants increased by 81 percent in 2011, to 403 million, many of them aimed at social networks.

“The very nature of these networks makes users incorrectly assume they are not at risk, and attackers are using these sites to target new victims,” the report’s authors stated. “Due to social engineering techniques and the viral nature of social networks, it’s much easier for threats to spread from one person to the next.”

Hacking and identity theft also caused enormous problems in 2011, according to the report. Approximately 1.1 million identities were stolen per data breach on average last year, a dramatic increase over any previous year. Hacking incidents posed the greatest threat, exposing 187 million identities in 2011— the greatest number for any type of breach. Although server attacks increased across the board — and statistics showed a sharp uptick in attacks on servers belonging to small companies — the most frequent cause of data breaches was theft or loss of a computer, smartphone, USB key or backup device. These theft- or loss-related breaches exposed 18.5 million identities, Symantec’s report revealed.

“In 2011 cybercriminals greatly expanded their reach, with nearly 20 percent of targeted attacks now directed at companies with fewer than 250 employees,” said Symantec CTO Stephen Trilling. “We’ve also seen a large increase in attacks on mobile devices, making these devices a viable platform for attackers to leverage in targeting sensitive data.”

Mobile vulnerabilities increased by 93 percent in 2011, and 4,000 mobile malware variants now exist. Many of the new threats target the Android operating system. With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to unique mobile opportunities, 2011 was the first year mobile malware presented a tangible threat to businesses and consumers. These threats encompass data collection, covert sending of content and user tracking.

The report is available in its entirety here (PDF).