According to IBM, 94 percent of web browser vulnerabilities are exploited within 24-hours of the flaw being highlighted.
The company's X-Force trend report highlighted that these 'zero-day' attacks are on the internet before people even know they have a vulnerability that needs to be patched in their systems. The research also identified that 78 percent of web browser exploits targeted browser plug-ins.
IBM says the lack of a set protocol for disclosing vulnerabilities in the research industry is partly to blame for the speed at which the attacks happen.
"Without a unified process for disclosing vulnerabilities, the research industry runs the risk of actually fuelling online criminal activity. There's a reason why X-Force doesn't publish exploit code for the vulnerabilities we have found, and perhaps it is time for others in our field to reconsider this practice," said X-Force operations manager Kris Lamb.
The report also revealed that approximately 90 percent of spam is now simple URL spam, which is difficult for spam filters to detect while Russia is the biggest spamming nation, responsible for 11 percent of the world's spam. Turkey is the second biggest spamming nation with 8 percent, closely followed by US, which contributes 7.1 percent.
IBM also highlighted that gamers are the main focus of password stealing trojans. The four most-effective trojans of 2008 so far have all been aimed at gamers in a bid to steal their virtual assets and sell them on for real money in online market places.