Caution is still needed, though, a security researcher says. While there may be fewer viruses and worms in the actual e-mail, hackers are spamming out messages that link to malicious sites where Trojan horses lie in wait for innocent victims.
The proportion of e-mail infected with malicious code dropped dramatically in July, a security company said Monday, indicating that attackers have turned to alternate methods of infection.
Only 1 in 222 e-mail messages processed by U.K.-based security vendor Sophos during July carried a malicious payload. The percentage of malicious mail -- just 0.45 percent -- is less than half of the 1.1 percent (1 in 91 messages) tracked during the first six months of 2006.
"At a glance, the drop in the proportion of virus-infected e-mail may be misread as a sign that e-mail is now a safer medium," said Carole Theriault, a senior security consultant at Sophos, in a statement. "The reality is that the number of new threats is increasing.
"While there may be less viruses and worms in the actual e-mail, hackers are spamming out messages that link to malicious sites where Trojan horses lie [in] wait for innocent victims," Theriault continued.
Security analysts have been talking about a sea change in malicious code infections for some time. In particular, many have noted a substantial decline in mass-mailed worms and viruses spread in large-scale attacks, and a corresponding increase in smaller-scale attacks aimed at individual companies of groups of Internet users.
In other malware news, Sophos also posted its monthly top 10 list Monday. The most prevalent, said Sophos, is the two-year-old Netsky.p. Only one of the top 10, in fact, debuted this year.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.