Hackers ramp up 'insidious' targeted attacks

Users risk falling into a false sense of security as the overall percentage of infected email plummets, security experts have warned.

Antivirus firm Sophos' latest internet threat research for July 2006 reveals that while the Netsky-P worm, first seen in March 2004, remains the most widespread piece of malware travelling via email, the actual proportion of infected email has dropped to a low of just one in 222 (0.45 per cent). This compares to the first six months of 2006 when, on average, one in 91 emails (1.1 per cent) carried malicious attachments.

This dramatic reduction in viral email traffic indicates that malware authors are looking for other methods of infection, according to Sophos. But the firm warned that, while hackers are turning away from mass-mailing viruses and worms, they are instead turning to "more insidious" Trojan horse targeted attacks aimed at smaller groups of users, spamming out links to malicious websites, and attempting to steal money and identities.

The study identified 3,715 new threats in July, bringing the total of malware protected against to 184,007. The majority of the new threats (87 per cent) were Trojan horses, while just 13 per cent were worms or viruses.

"At a glance, the drop in the proportion of virus infected email may be misread as a sign that email is now a safer medium, but computer users and businesses shouldn't be fooled," said Carole Theriault, senior security consultant at Sophos.

"The reality is that the number of new threats is increasing by thousands each month. While there may be fewer viruses and worms in the actual email, hackers are spamming out messages that link to malicious websites where Trojan horses lie and wait for innocent victims. If businesses don't defend themselves, they put their data, money and productivity levels at risk."