There was a 50 percent increase in the number of companies that reported spyware problems over the last year, according to the annual Websense Web@Work survey, the findings of which were released on Tuesday.
"This is almost 50 percent growth in the instances of keyloggers that organizations are reporting back," said Joel Camissar, a manager at Websense. "Despite the organizations' having a 'best of breed' antivirus, anti-spyware and firewall, we are still detecting a huge amount of back-channel spyware communication." Spyware has become a big headache for all business so much so that the U.S. Federal Trade Commission has assured that some sort of action will be taken against those who distribute spyware.
Spyware is basically installed on the users' machine without their knowledge and monitors their online activities including financial transactions. Most often this tracking is done via a keylogger, which means that the spyware records the keystrokes executed by the owner of the PC.
Camissar said that one of the main reasons for spyware proliferation was the fact that toolkits for making spyware were easily being obtained online. "In April 2005, there were 77 unique password-stealing applications. In the latest March report, there were 197. Unique Web sites hosing keyloggers in the same time frame have gone up from 260 to 2,157--almost a 10-times growth," he said. He based these estimations on a recent Websense research that was undertaken in collaboration with Anti-Phishing Working Group.
The current survey also found that most companies believed that their staff could not distinguish between genuine sites and phishing sites. "Forty-seven percent of IT decision makers said their employees have clicked on phishing e-mails, and 44 percent believe employees cannot accurately identify phishing sites," Camissar revealed. "I am surprised that the results are not showing a larger growth in the number of organizations hit by this kind of threat."
