Business PCs rife with spyware?

Webroot Software earlier this week released another installment of its State of Spyware report. Along with it came a news release filled with words to raise alarm over spyware.

The release speaks of "dramatic increases in the number of reported corporate spyware incidents." It also notes an "alarming rise in the amount of spyware on corporate machines."

In the study itself, a 74-page PDF that is available for download, Webroot states: "The spyware infection rate for enterprise desktops continues to remain above 80 percent." Also, the report says, the number of spyware instances per infected machine has increased by 19 percent and averages 27.

But wait, could that really be true? On the next page Webroot says cookies make up "the largest number of infections per enterprise machine." (Cookies are those simple files typically placed on your PC so a Web site can remember that you have been there before.)

The Anti-Spyware Coalition, of which Webroot is a member, defines spyware as software that gathers information about the user and is installed without adequate user notice, consent or control. Programs, for example, that are downloaded and installed surreptitiously on a PC, or that track which Web sites people visit, would qualify as spyware, for example.

Webroot does not give a percentage for the level of infection on business PCs that leaves out the cookies. The company does say that without the cookies an average of 4.4 instances of Trojans, system monitors and adware combined was found on business PCs.

Also, what Webroot doesn't say in its news release is how it arrived at the conclusion that there had been "dramatic increases" and an "alarming rise" in spyware in businesses. Here is what the company says on page 69 of the report (the highlight is mine):

"Both the Consumer SpyAudit and Enterprise SpyAudit collect data from individuals or corporations who visit the Webroot website www.webroot.com, or some other affiliated site where the SpyAudit is available, and elected to download and run a SpyAudit scan. Because of this self-selecting sample, the data may not reflect the "general" Internet population and may be skewed to an audience who believes they may have a spyware issue. "

Is there a connection between the dramatic tone of the report extract and the fact that Webroot sells antispyware tools? You tell me.