YNOT – Adult websites remain the most likely sources of malware injections, an IT security company reported Monday.According to Commtouch’s “Threats Trend Report” for the first quarter of 2010, attacks continue to increase on mainstream websites devoted to business, computers and technology, forums and newsgroups, education, and health and medicine — in that order — but most “drive-by downloads” of malware occur when users visit porn sites.

Commtouch also alerted on trends in spam and phishing emails. Among 183 billion such messages sent daily, the vast majority — eight in every 10 — are devoted to pharmaceuticals. Porn spam ranks way down the list.

Phishing schemes that spoof well-known, trusted internet destinations are rising in popularity. Many cybercriminals have discovered the “less is more” philosophy, according to the report.

“In February a phishing attack directed at Blogger and Google users was based on a template which used two techniques that effectively downplayed the ‘phishy’ nature of the e-mail,” the report noted, revealing the templates employed a spartan style bearing little more than the kind of text users might expect to see in an administrative notice.

“Phishing-aware services such as PayPal, Facebook and Blogger tend to use text-only emails with no links or images when contacting account owners,” said the report.

Another popular tactic is to appeal to readers’ curiosity, Commtouch found. Many spam and phishing messages included nothing but “RE:” or “FW:” in the subject line and link in the body. The senders rely on the well-known social engineering concept that users often click on the mysterious simply “because it’s there.”

According to Commtouch statistics, spam comprised about 83 percent of all email traffic in the first quarter, rising to a high of 92 percent near the end of March from a nadir of 75 percent during the first part of January.