Sophos found just one infected message in every 1,000 e-mails in August, way down from 322 during the first six months of 2007.
But there were large numbers of attacks via spam e-mail that directed users to infected web pages. These are increasing at an average of 5,000 each day, compared with 6,000 in July. The bait is e-cards, pictures of nude celebrities, YouTube movies and pop music videos.
"People visiting the sites risk having their PCs infected by malicious code which can then steal personal information, spam out more malware and junk e-mail, or launch distributed denial of service attacks against innocent parties," Sophos said.
The top ten web-based malware threats in August 2007 were:
1. Mal/Iframe 47.8%
2. Mal/ObfJS 17.7%
3. Troj/Decdec 14.0%
4. Troj/Fujif 4.3%
5. Mal/EncPk 2.5%
6. Troj/Psyme 2.2%
7. Mal/Packer 1.1%
8. Troj/Pintadd 1.0%
9. VBS/Redlof 0.7%
10. Mal/Behav 0.5%
Carole Theriault, senior security consultant at Sophos, said, "Businesses, web hosts and ISPs are failing to defend their websites properly. Fraudsters are continuing to find rich pickings on the internet, duping users into handing over their personal information."
The top three countries with infected web pages were China (45%), the US (21%) and Russia (11%), Theriault said. "Hackers are hijacking websites around the world to make them point to malware on sites based in China, the USA and Russia."
But the proportion of infected pages hosted by the Ukraine more than doubled, and the Netherlands, Italy and Canada all re-entered the chart.