LOS ANGELES, March 21 (Xinhuanet) -- More than half of recent major Internet threats are targeting personal information, a sign that financial gain is behind the attacks, IT security firm Symantec said Monday.

    While releasing its latest Internet Security Threat Report, Symantec said that identity theft features were found in 54 percent of the top 50 malicious codes detected between July and December last year, marking an increase on the 36 percent found during the same period in year 2003.

    This represents a clear trend that attackers have gone from seeking fame to seeking fortune, according to Oliver Friedrichs, senior manager with Symantec Security Response.

    Computers are increasingly coming under attack from Trojan horses, worms and viruses that attempt to glean users' cached log-on data and passwords to financial information, and this trend is not likely to slow down soon, he noted.

    The study also detected a rise in phishing attempts used by financially motivated attackers. Phishing scams, which rely on social engineering to dupe people into providing sensitive financial and confidential information, use fake e-mails and Web sites that look like legitimate sites.

    Symantec said that by the end of last December, it was blockingan average of over 33 million phishing attempts a week, up from anaverage of 9 million a week in mid-July. This represents an increase of over 366 percent.

    Phishing will continue to be a very serious concern over the year 2005, the study expected.

    Regulatory intervention and technological means of checking thelegitimacy of e-mails have been suggested as methods of reducing identity threat attacks. But regulations are somewhat limited, because the individuals behind the scams are already breaking the law and show an apparent disregard to rules and regulations, according to Friedrichs.

    He added that technology, in its current form, is also hard-pressed to combat phishing e-mails and identity threat attacks.

    "Most of the technology today is in its infancy," Friedrichs said. "There are a number of efforts underway to create standards to validate these e-mails, but right now there is no clear standard that has been incorporated into technology."

    Windows 32 viruses and worms pose a serious threat to the security and integrity of the computing community due to the widespread deployment of Microsoft Windows operating systems, the study showed.

    From last July to December, Symantec reported more than 7,360 new Windows 32 virus and worm variants. This represents an increase of 64 percent over the previous six-month period, and thetotal number of documented Windows 32 threats and variants was approaching 17,500 by last December.

    Because a failure to prevent, detect, or remove these threats could mean severe financial losses, the disclosure of confidentialinformation, and the loss of data, organizations are challenged with updating their antivirus solutions more often than ever before, Symantec said.

    The study also found an increase in the number of flaws in Web applications, which could let attackers get past traditional protections such as firewalls. Vulnerabilities in Web applicationsaccounted for 48 percent of the total number of flaws detected between last July and December, up from 39 percent during the first six months of the year.

    "Attacks are increasingly focusing on the Web server, which is one of the few things exposed externally," Friedrichs said, referring to the server's placement outside the network firewall. Enditem