Virus-laden e-mails dropped from 2.01 percent of all e-mail in August, to 1.75 percent in September, the lowest level this year, according to e-mail security company BlackSpider Technologies.
Security company Sophos also reported a drop in the number of infected e-mails -- the fifth in successive months. Sophos's research found that 1.53 percent, or one in 65 e-mails circulating in September, was viral.
Netsky.P topped the Blackspider virus chart for the seventh successive month, accounting for 24 percent of all viruses detected in September.
Sophos has seen a rise in Netsky.P incidences, and reported that this virus rose in prevalence from 14.7 percent to 18.6 percent of all viruses. Netsky.P also continued to head up the Sophos top ten.
Netsky.P spreads via e-mail and Internet file-sharing systems, and tries to tempt PC users into launching an infected file, according to Sophos. The worm was written by German teenager Sven Jaschan, who received a 21-month suspended sentence on 8 July.
Netsky.P was first detected nineteen months ago. Sophos reported that the average age of the top ten viruses is eight months, which demonstrates to the company that "a large number of users are still being complacent about installing and updating their virus protection."
"Businesses and home users alike have had nineteen months to update their software, but an alarming number obviously still have not got round to it," said Sophos senior security consultant, Carole Theriault, in a statement.
This also supports the findings of a recent Sophos survey, which claimed that 79 percent of IT professionals believe employees are putting their organisations at risk by failing to act safely online.
Both reports highlight the changing nature of the security threat landscape.
Blackspider reports that incidences of zero-day malware (sent before a patch is released) have almost doubled since August, with 10 new variants of the Bagle virus featuring in the most common zero-day malware sent.
Sophos also saw a drop in mass-mailed attacks, with a growing number of targeted threats being written for financial gain.
"Smaller, targeted attacks are on the increase, with the emergence of a new breed of financially-motivated online criminal. The concern is that if users continue to combine unsafe computing practices with outdated threat protection, they'll be a soft target for this new form of attack," Theriault warned.
"Not only must firms ensure that they keep their virus, spyware and spam protection updated, but IT managers have to start enforcing strict security policies to ensure employees don't jeopardise that protection through reckless online behaviour," added Theriault.
In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their e-mail gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.
ZDNet UK's Tom Espiner reported from London. For more coverage from ZDNet UK, click here.
