More than half (55 percent) of all new malware identified in the third quarter of this year were Trojans, said PandaLabs.
The research arm of Panda Security says most of these were banker trojans designed to trick web users into navigating to fake financial sites so cybercriminals can steal login details and passwords.
The use of email to distribute malware, once the most favoured method, has declined. Instead, cybercriminals are resorting to social media related infections, including Clickjacking attacks on social networks such as Facebook, and poisoned search results.
Panda also said 95 percent of all email received during Q3 was spam, and 50 percent of this was sent from just 10 countries, which included India, Brazil and Russia. For the first time, the UK has fallen out of the list of the world's biggest spam-producing countries.
The security firm also said over the past three months it has seen a number of attacks on Google Android phones, which could be the beginning of a wave of threats targeting smartphones.
"We are also beginning to see legitimate Android apps compressed with self-extracting files, designed to infect when the application is extracted. In other words, Android apps are being used as bait to infect computers with self-extracting files," PandaLabs said.