Enterprises have seen a dramatic increase in spyware infections this year, according to the Sophos 2005 Security Threat Management Report.
Sophos attributes the increase to the business model used by virus writers. The company says the goal of virus writers is financial gain through long-term infection, which is why spyware usage has been so prevalent.
The global report, which was released this week, found spyware rose to 66.4 percent of all malware threats in November.
In January, only 54.2 percent of all threats included a spyware payload and the year to date has shown a 48 percent increase in malware compared to 2004.
Virus With a Purpose
Sophos' head of technology, Paul Ducklin, said virus writers are decreasingly writing viruses just for the sake of it and are instead turning to malicious code with a specific purpose, hence spyware.
"Viruses that include spyware characteristics and provide backdoor access over and above what a virus does, gives you a saleable commodity in the same way a botnet would; it is something you can rent out to the highest or lowest bidder," Ducklin said.
"I don't know if one can prove this definitively but if you look at the broader picture we see more and more cases in which malware gets a smaller distribution.
"I suspect virus writers with an organized criminal bent don't want another Blaster or Sasser, because it is counterproductive and affects their ability to compromise machines."
Ducklin said Blaster and Sasser aren't suitable for a criminal harvest because they spread too far and went out of control.
"This results in users taking the problem seriously and doing something about it," he said.
Phishing Gets Rougher
Ducklin said another emerging trend is spear phishing, which will overtake regular phishing campaigns. This is a targeted type of phishing that is more effective because it goes to people more likely to fall for the particular pitch.
"Instead of sending one million e-mails, which is obvious to the 900,000 who don't use a particular banking service, why not just send it to people who use that service?" he said.
The U.S., South Korea and China still account for 50 percent of all global spam, according to the report.
This story, "Spyware is Biggest Web Threat, Study Says" was originally published by Computerworld.