Live Science reports that according to a study done by computer scientists at the University of Washington, the incidence of spyware on the internet has "significantly declined". The study checked more than 20 million websites including games, news and celebrity sites according to this article. The findings:
More than 5 percent of executable files contain piggybacked spyware.
One in 62 Internet domains performs "drive-by download attacks" to force spyware on users who simply visit the site.
Game and celebrity Web sites appeared to pose the greatest risk for piggybacked spyware, while sites that offer pirated software topped the list for drive-by attacks.
One in 62 of 20 million sites is quite a large number still. The article does not mention if porn sites were checked. Porn sites are a huge source of spyware, usually downloaded through exploits. The CoolWebSearch porn sites alone number in the thousands and are guaranteed to give you a nasty payload. This page at Webhelper's site has links to lists of CWS sites and the Alpha Sort in Text Format list has 3,500 sites listed. Most of them are porn sites.
The study employed a Web crawler to visit sites and look for spyware. It made two crawls, in May and October last year, and noted a 93 percent reduction in drive-by download attacks. That may be because more people are using anti-spyware tools and employing automated patch programs such as Windows Update. Also, civil lawsuits have been brought against spyware distributors.
It would be interesting to see the full study because this article isn't so clear to me. I don't know about that 93% reduction in drive-by download attacks. One thing I do know is that spyware attacks have become much more malicious with the increase in keyloggers, spam bots, backdoors and rootkits found today in spyware victims' HijackThis logs.