Cybercriminals are using stolen access credentials in order to launch attacks that are out in the open, but also veiled from reputation filters and blocked web categories. Research: 75 percent of phishing attacks now reside on trusted domains that have been hacked. Phishing attacks are more common to reputed websites now because criminals know users often have the same credentials for several accounts, including bank accounts and social networking accounts. Research finds online storage sites like Flickr and open/mixed content sites, such as YouTube, saw the fastest growth in malware activity in 2010.”]
Source: https://www.csoonline.com/article/2127158/3-reasons-trustworthy-sites-can-no-longer-be-trusted.html