Only 1 in 222 e-mail messages processed by U.K.-based security vendor Sophos during July carried a malicious payload. The percentage of malicious mail -- just 0.45 percent -- is less than half of the 1.1 percent (1 in 91 messages) tracked during the first six months of 2006.
"At a glance, the drop in the proportion of virus-infected e-mail may be misread as a sign that e-mail is now a safer medium," said Carole Theriault, a senior security consultant at Sophos, in a statement. "The reality is that the number of new threats is increasing.
"While there may be less viruses and worms in the actual e-mail, hackers are spamming out messages that link to malicious sites where Trojan horses lie [in] wait for innocent victims," Theriault continued.
Security analysts have been talking about a sea change in malicious code infections for some time. In particular, many have noted a substantial decline in mass-mailed worms and viruses spread in large-scale attacks, and a corresponding increase in smaller-scale attacks aimed at individual companies of groups of Internet users.
In other malware news, Sophos also posted its monthly top 10 list Monday. The most prevalent, said Sophos, is the two-year-old Netsky.p. Only one of the top 10, in fact, debuted this year.