From SMTP to HTTP to FTP - F-Secure Weblog : News from the Lab

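At first, sending malware as an e-mail attachment was the popular approach. When attachments hit their limits, attackers switched to placing a link in the message so that the virus was downloaded over HTTP... and now, reportedly, FTP has shown up.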

A year or two ago, malware authors' preferred way of spreading their wares was via e-mail attachments. We all remember mass outbreaks like Bagle, Mydoom and Warezov.

Well, sending EXE attachments in e-mail doesn't work anymore. Almost every organization is now dropping such risky attachments from their e-mail traffic.

So virus writers have made a clear shift away from e-mail attachments to the Web: drive-by-downloads. This attack often still starts with an e-mail spam run; there are just no attachments in the e-mail anymore, as they have been replaced by a web link.

Some of these malicious web sites use exploits to infect you just by visiting a web page; others use compelling stories to fool you into downloading and running a program from the page.

Many have missed this shift of attacks from e-mail to the web. There are a lot of companies measuring their risk of getting infected by looking at the number of stopped attachments at their e-mail gateway. Those numbers are definitely going down, but the actual risk of getting infected probably isn't.

Those organizations that are not scanning their web traffic for malware should seriously consider starting to do it, right now.

However, virus writers are moving again. We're now seeing more and more malicious e-mails that link to malware not via HTTP but via FTP links.

You can see the FTP link displayed in the status bar at the bottom.

http://www.f-secure.com/weblog/archives/hallm.gif
screenshot
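
A gateway that only counts stopped attachments never sees the shift described above, because the message carries nothing but a link. The following is an added example, not code from the F-Secure post: a sketch of a mail-side check that extracts links from a message body and flags those using the FTP scheme or pointing at an executable. The sample message, the `example.test` hosts, the extension list and the function names are all constructed for illustration.

```python
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample message (not from the original post); hosts are placeholders.
SAMPLE = """\
From: cards@example.test
Subject: You have received a greeting card
Content-Type: text/html; charset="utf-8"

<html><body>
<a href="ftp://files.example.test/pub/card.exe">Click here to view your card</a>
<a href="http://www.example.test/about.html">About us</a>
</body></html>
"""
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat")  # assumed list, tune per site

class LinkCollector(HTMLParser):  # collects the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def extract_links(raw):
    """Return every link found in the HTML and plain-text parts of a message."""
    msg = email.message_from_string(raw, policy=policy.default)
    links = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_content())
            links.extend(collector.links)
        elif part.get_content_type() == "text/plain":
            links.extend(re.findall(r"(?:https?|ftp)://[^\s<>]+", part.get_content(), re.I))
    return links

def classify(raw):  # returns a list of (link, reasons); empty reasons = not flagged
    findings = []
    for link in extract_links(raw):
        url = urlsplit(link)
        reasons = ["ftp-link"] if url.scheme.lower() == "ftp" else []
        if url.path.lower().endswith(RISKY_EXT):
            reasons.append("executable-target")
        findings.append((link, reasons))
    return findings
```

Counting flagged links per day alongside stopped attachments gives a risk figure that does not drop just because the delivery channel changed.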