ONLINE BAD GUYS changed tactics in the last six months of 2007, dropping malicious e-mail in favor of Web-based attacks, according to data reported to Microsoft by Windows users.

The company saw the number of Trojan-horse downloader programs that it removed from Windows machines jump by 300 percent, according to Jimmy Kuo, principal architect with Microsoft's Malware Protection Center. These programs masquerade as legitimate pieces of software; but once installed, they download malicious applications such as spyware or adware onto the victim's computer. Typically they install via the Internet.

The shift to the Web has been forced on criminals, as system administrators became better at blocking executable files sent via e-mail. "Executables are often being stripped completely, regardless of what they are," Kuo says. So instead of sending their baleful software by e-mail, the crooks now send out spam messages that trick victims into visiting malicious Web sites.

Extent of infected PCs monthly:
• 1 in 123 overall
• 1 in 112 in the United States
• 1 in 685 in Japan
Source: Microsoft

Many companies compile data on Web attacks, but Microsoft's collection is the most comprehensive, coming from about 450 million computers that run the Microsoft Malicious Software Removal Tool that ships with Windows Vista, XP, 2000, and Server 2003.

Among the statistics published in Microsoft's Security Intelligence Report (www.microsoft.com/downloads/details.aspx?FamilyId=BCC8790B-9FE6-4331-B231-E274EA8FC804&displaylang=en):
• The amount of malware that Microsoft's tool removed was up 55 percent from the first six months of 2007.
• Adware is still the most common form of unwanted software, and was up 66 percent in the second half of the year to 34.3 million detections. The top piece of adware in the period was Win32/Hotbar, which installs an Internet Explorer toolbar that spews pop-up ads.
• Between 75 and 80 percent of phishing pages that the Microsoft Phishing Filter tracked were in English, and phishing is now moving from e-mail onto social networks.
• Rogue security software, meaning bogus or malicious programs that pretend to protect PCs, is on the rise. The most widely spotted is Win32/Winfixer.