Kaspersky Reveals 'Sites with Undefined Trust Level' as Major Online Threat – Fake Extensions Top Global Danger
Breaking: Kaspersky has introduced a new web filtering category—'Sites with an undefined trust level'—to combat a growing class of online threats that operate in a legal grey zone. According to data from January 2026, fake browser extensions mimicking security products have become the most widespread such threat, detected in 9 out of 10 regions analyzed worldwide.
These malicious extensions intercept browser data, track user activity, hijack search queries, and inject ads, posing a severe risk to millions of internet users. Kaspersky's security systems now automatically flag these sites using advanced analysis of domain name, age, IP reputation, DNS configuration, HTTP security headers, and SSL certificates.
Background
A suspicious website—unlike a traditional phishing site that steals credentials—manipulates victims into voluntarily transferring money for non-existent services, signing up for hidden subscriptions, or disclosing personal data through carefully crafted terms of service. Examples include fake online stores, dubious crypto exchanges, investment platforms, and services with paid subscriptions that are nearly impossible to cancel.

"These sites exploit a legal loophole by using complex terms of service to make activities appear legitimate," said Anna Larkina, senior security researcher at Kaspersky. "They don't trigger standard phishing alerts, making them particularly insidious."
Regional Hotspots
Kaspersky's regional statistics reveal distinct patterns: in Africa, over 90% of the top 10 suspicious websites are online trading scam platforms. Latin America sees a predominance of fake betting services, while in Russia, fraudulent binary options brokers and "educational platforms" with hidden subscriptions lead the way. In CIS countries, crypto scams and bots for inflating social media engagement dominate.
"Cybercriminals tailor their tactics to local economic trends and cultural behaviors," Larkina added. "Our new category helps users stay ahead of these constantly evolving threats."

Key Indicators to Watch
To help users identify these dangerous sites, Kaspersky recommends checking for these red flags:
- Strange domain names with numbers or random characters
- Cheap top-level domains like .xyz, .top, or .shop
- Recently registered domains (less than 6 months old per WHOIS data)
- Unrealistic promises such as "100% guaranteed income" or "up to 300% profit"
- Lack of company contact information
- Payments only via cryptocurrency or irreversible bank transfers
Users are advised to avoid entering personal data or making payments on any site displaying multiple indicators from this list.
What This Means
The introduction of this new filtering category marks a significant shift in cybersecurity strategy. Rather than relying solely on binary phishing vs. legitimate classification, Kaspersky is now proactively flagging sites that exploit grey-area tactics. For consumers, this means greater protection against manipulative subscription traps and fraudulent financial platforms.
"The online threat landscape is no longer just about stolen passwords—it's about psychological manipulation," Larkina concluded. "Our new category gives users a powerful early-warning system against these emerging risks." As fake browser extensions and region-specific scams continue to rise, staying informed and vigilant remains the best defense.
Related Articles
- Contextualizing Threat Intelligence: Criminal IP and Securonix Join Forces in ThreatQ
- Flutter's Single Codebase Revolutionizes AI-Driven App Development
- How Brox's 60,000 Digital Twins Are Revolutionizing Market Research in the AI Era
- Agent-Driven Cloud Deployment: How AI Can Now Fully Provision Cloudflare Accounts and Domains
- Navigating Corporate Pivots: A Case Study on Faraday Future's $70M Robotics Financing
- 10 Key Takeaways from Gemini's $100M Bitcoin-Fueled Stock Surge
- V8 Engine Achieves Blazing Speed with Static Roots: Core Objects Now Identified at Compile Time
- Kraken Parent Payward Files for OCC National Trust Charter in Major Regulatory Push