Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

Media contact:

Amanda Hassall
Six Degrees Limited
Tel: +44 (0)1628 480280
Skype name: mandyhass

ScanSafe reports spyware skyrockets 254 per cent in 2006 while Web viruses decline 32 per cent

- ScanSafe Annual Global Threat Report also shows

growth in financially motivated Web threats propelled by search and Web 2.0 -

LONDON: January 30, 2007 — ScanSafe, the leading global provider of Web security services, today issued its Annual Global Threat Report. The report is based on an analysis of more than 60 billion Web requests processed in 2006 by the ScanSafe Threat Centre in more than 30 countries across five continents. It represents the world’s largest security analysis of real-world Web traffic.

In 2006, ScanSafe blocked 254 per cent more instances of spyware and saw 32 per cent fewer Web viruses than it did in 2005. However, the number of new unique Web viruses continues to grow and mutate to pose new threats.

“Not only did we see relentless growth in spyware throughout the year, but we saw that it is increasingly harbouring more sinister payloads,” said Dan Nadir, vice president of product strategy at ScanSafe. “We also noticed a trend towards Web viruses being used to spread spyware. The net result is that the line between spyware and Web viruses has become so blurred that malware is the only appropriate term to describe the ever increasing permutations of Web-based threats.”

Other key findings from the report include:

· Financially-motivated Web viruses rise by 310 percent

There was a significant rise in the number of Web virus attacks designed to steal financial information from users. Over 84 per cent of ScanSafe's customer base would have been exposed to this type of malware, had they not deployed Web Malware Scanning. This represents a 310 per cent increase from 2005. Furthermore, over 65 per cent of Web virus payloads were intended to achieve some direct financial benefit.

· One in five Internet searches generates links to either malware or inappropriate content

Search engines have become a significant gateway for exposure to Web threats. In a sample of the most commonly searched terms (as determined by the Google Zeitgeist report), one in five searches generated links to either malware or inappropriate content. Offensive content represents the greatest risk, accounting for 80 per cent of total search blocks. This highlights the increasing risk for corporate users: search results can negatively impact productivity if not managed correctly and also represent risk vectors for information leakage and legal threats.

· New Web viruses now outnumber existing Web viruses and the zero-hour risk increases

For the first time, ScanSafe saw new Web viruses cause more blocks than previously seen Web viruses. Moreover, while the average active life (‘time in the wild’) decreased from 5 months to 3.3 months, protection from zero-hour threats – threats that appear before an anti-virus signature is available — is more critical than ever as there is still a significant time lag before updates are released and installed.

· New communication channels, new risks: Chat and IM account for 15 per cent of Web filtering blocks

Managing Web content accessed by employees remains a major concern for corporate IT administrators. Web chat and IM accounted for the largest single percentage (15 per cent) of Web filtering content blocks in 2006. This trend reflects the rise of ‘presence communications’ like IM, blogs and wikis. These new channels give rise to familiar security concerns.

· Hackers get personal

As operating systems become more ‘locked down’ with built-in features to make installing unsolicited software more difficult, malware authors are using social engineering tactics to help fuel threat propagation. Twenty-six per cent of Web viruses blocked by ScanSafe used some form of social engineering to trick users into installing malware. By luring users into downloading malware by offering free MP3s or pornographic pictures, for example, malware can bypass many security precautions.

· Web 2.0 becomes a target: up to one in 600 pages on social networking sites harbors malware

Web 2.0 sites are increasingly being targeted by malware authors. For example, up to one in 600 pages on social networking sites harbours malware. The growing popularity of many Web 2.0 sites makes them a rich target. In addition, many Web 2.0 applications raise the importance of the integrity of the browser, as the functionality it provides becomes more critical. In 2006 ScanSafe saw an increasing number of exploits specifically attacking the browser.

“In 2006 more than any previous year, the Web became ground-zero for criminal malware attacks,” said Nadir. “The nature and types of threats are proliferating so quickly and becoming so sophisticated that the Web has become one of the fastest growing threat vectors. The key lesson is that you cannot simply rely on periodically updated databases of suspect URLs or anti-virus engines alone to protect your network from Web threats.”

By scanning all content seen across its network in real-time, profiling the characteristics and behaviour of the code, building intelligence that is shared across the global ScanSafe network, and checking against leading signature-based systems – ScanSafe can offer a superior level of threat protection.

“You wouldn’t feel very safe if the only security check used in airport screening was matching your name to a periodically updated central register of suspect individuals,” Nadir explained. “However, you would – and probably do feel more secure when airport screening uses real-time, multi-layered screening. In other words, checking every single passenger each time they travel by passing them though scanning machines, and having expert methods for identifying suspicious characteristics in addition to having a no fly list.”

The ScanSafe Annual Global Threat Report reviews Web-based threats as­ seen by ScanSafe’s leading security platform, Outbreak Intelligence and gathered from ScanSafe’s unique position ‘in-the-cloud’, providing insight into the nature and impact of the security risks actually faced by businesses, as well as analysis of their behaviour. It is based on threat intelligence gathered from ScanSafe’s range of services – Web Malware Scanning, Web Filtering and IM Control as well as research on search threats.

To obtain a full copy of the ScanSafe Annual Global Threat Report, please visit

About ScanSafe

ScanSafe is the leading global provider of Web Security-as-a-Service, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe’s solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection.

Powered by its proactive, multi-layered Outbreak IntelligenceTM threat detection technology, ScanSafe processes billions of Web requests and blocks millions of threats each month for customers worldwide, including Rothschild, Condé Nast and BMW.

Since pioneering the market for Web Security-as-a-Service, ScanSafe continues to deliver innovative Web security solutions, including the introduction of ScandooTM—the world’s first free Internet safe search tool that classifies search engine results based on the presence of malware and unwanted content.

With offices in London and San Mateo, California, ScanSafe is privately owned and financed by Benchmark Capital. The company received the Info Security Global Product Excellence Award for Best Managed Security Service, and was named one of Red Herring’s Top 100 Technology companies.

For more information, visit .

This press release was distributed by ResponseSource Press Release Wire on behalf of Six Degrees Limited in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit