Authors
| Position | Change in position | Name | Proactive Detection Flag | Percentage |
| 1. |
 0 |
Email-Worm.Win32.NetSky.q | Trojan.generic | 23.12 |
| 2. |
 +1 |
Email-Worm.Win32.NetSky.y | Trojan.generic | 9.70 |
| 3. |
 +2 |
Email-Worm.Win32.Scano.gen | Trojan.generic | 9.63 |
| 4. |
 +4 |
Email-Worm.Win32.Nyxem.e | Trojan.generic | 6.75 |
| 5. |
 -3 |
Email-Worm.Win32.NetSky.d | Trojan.generic | 6.27 |
| 6. |
 Return |
Email-Worm.Win32.NetSky.x | Trojan.generic | 4.44 |
| 7. |
 -1 |
Email-Worm.Win32.NetSky.aa | Trojan.generic | 3.74 |
| 8. |
 Return |
Email-Worm.Win32.NetSky.b | Trojan.generic | 3.26 |
| 9. |
 -5 |
Email-Worm.Win32.Bagle.gt | Trojan.generic | 2.75 |
| 10. |
 Return |
Net-Worm.Win32.Mytob.u | Worm.P2P.generic | 2.60 |
| 11. |
 +6 |
Net-Worm.Win32.Mytob.c | Trojan.generic | 2.40 |
| 12. |
 0 |
Email-Worm.Win32.Scano.bn | Trojan.generic | 2.09 |
| 13. |
 Return |
Email-Worm.Win32.NetSky.r | Trojan.generic | 1.98 |
| 14. |
 +4 |
Email-Worm.Win32.NetSky.t | Trojan.generic | 1.94 |
| 15. |
 Return |
Net-Worm.Win32.Mytob.bi | Trojan.generic | 1.65 |
| 16. |
 -5 |
Email-Worm.Win32.Bagle.gen | Trojan.generic | 1.39 |
| 17. |
 -4 |
Email-Worm.Win32.Mydoom.l | Worm.P2P.generic | 1.19 |
| 18. |
 Return |
Net-Worm.Win32.Mytob.t | Worm.P2P.generic | 1.08 |
| 19. |
 -3 |
Email-Worm.Win32.NetSky.c | Trojan.generic | 0.97 |
| 20. |
 New! |
Net-Worm.Win32.Mytob.cg | Worm.P2P.generic | 0.90 |
| Other malicious programs | 12.15 | |||
The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months. The complete absence of any epidemics in mail traffic, which is obvious from even a cursory glance at this month’s rankings, bears this out.
In fact, the only significant change to the rankings was caused by the re-entry of a few worms which have been in circulation for several years now.
Trojan-Downloader programs such as Agent.ica, Agent.hsl, and Diehard that were active during the first four months of 2008 disappeared without trace in May.
The Warezov and Zhelatin worms have not reappeared since dropping out of the Top Twenty back in February. The authors have stopped sending out the executable components of the worms by email, confining themselves to distributing the code via links on infected websites.
This does mean that the threat posed by malicious code in email has declined. However, phishing and spam continue to pose very real threats and have the potential to create just as big a problem for the end user.
Other malicious programs made up a significant percentage (12.15%) of all malicious code found in mail traffic.
The Top Twenty countries which acted as sources of infected emails in May are shown below:
| Position | Change | Country | Percentage |
| 1 |
 0 |
USA | 21.72 |
| 2 |
 +5 |
Poland | 13.18 |
| 3 |
 -1 |
South Korea | 7.88 |
| 4 |
 -1 |
Spain | 5.85 |
| 5 |
 -1 |
China | 5.15 |
| 6 |
 0 |
France | 4.07 |
| 7 |
 +1 |
Germany | 3.54 |
| 8 |
 -1 |
Brazil | 3.49 |
| 9 |
 0 |
United Kingdom | 2.83 |
| 10 |
 -2 |
India | 2.82 |
| 11 |
 -1 |
Italy | 2.66 |
| 12 |
 -1 |
Isreal | 1.80 |
| 13 |
 0 |
Japan | 1.66 |
| 14 |
 +5 |
Canada | 1.15 |
| 15 |
 +2 |
The Netherlands | 1.07 |
| 16 |
 -1 |
Turkey | 1.05 |
| 17 |
 -1 |
Australia | 1.03 |
| 18 |
 -4 |
Argentina | 1.02 |
| 19 |
 +1 |
Russia | 0.99 |
| 20 |
 New! |
Austria | 0.91 |
| Other Countries | 16.13 | ||
Summary
- Moved up: Email-Worm.Win32.NetSky.y, Email-Worm.Win32.Scano.gen, Email-Worm.Win32.Nyxem.e, Net-Worm.Win32.Mytob.c,
Email-Worm.Win32.NetSky.t. - Moved down: Email-Worm.Win32.NetSky.d, Email-Worm.Win32.NetSky.aa, Email-Worm.Win32.Bagle.gt, Email-Worm.Win32.Bagle.gen, Email-Worm.Win32.Mydoom.l, Email-Worm.Win32.NetSky.c.
- Returned: Email-Worm.Win32.NetSky.x, Email-Worm.Win32.NetSky.b, Net-Worm.Win32.Mytob.u, Email-Worm.Win32.NetSky.r,
Net-Worm.Win32.Mytob.bi, Net-Worm.Win32.Mytob.t, Net-Worm.Win32.Mytob.cg. - No change: Email-Worm.Win32.NetSky.q, Email-Worm.Win32.Scano.bn.
Authors
From the same authors
In the same category
Virus Top 20 for May 2008