One such worm causing particular concern is Oscabot-F, which spreads by sending messages to AIM users, saying "lol have you seen this?" and offering a download link. Clicking on the link will download and install the Oscabot-F worm onto the victim's computer and send identical messages to all the victim's AIM buddies. This kind of threat is very difficult to deal with for a variety of reasons, but mainly because IM software is often configured to work on port 80, along with regular HTTP traffic. This means that firewalls will not commonly have blocks in place to stop IM worms. To stop this kind of threat, corporations need better security measures than are currently often in place.
The growing adoption of IM in the enterprise and the growing number of IM threats may pressure messaging security vendors to support IM security as well, said John Pescatore, an analyst at Gartner Inc., of Stamford, Conn.
Secure messaging gateways that consolidate SMTP traffic, Web-based e-mail traffic and IM, as well as firewall and intrusion prevention features, are the right medicine for evolving threats such as IM worms and viruses, he said.