Koobface is a human-powered worm that sends itself to everyone listed in an infected user's social network. Those who fall for the message, click the link, and install the bogus codec will then perpetuate the worm's spread through their own social networking contacts. But just how likely are users to clickthrough and infect themselves?

In 2009, Koobface comprised considerably less than 1% of all Web malware. A closer look at 2010 data reveals that less than 10% of enterprises actually have users that click a Koobface link. The highest rate was March, when 11% had users that clicked through; the lowest was February at 6%. Of those enterprises that do click through, the median rate per enterprise is only 3 clicks each.

For total volume, in January 2010, Koobface comprised only 0.55% of all Web malware; February was lowest at 0.15%, and March the highest at 3.1%.

Thus far in April, only 1% of enterprises have users that clicked a Koobface link. The median rate for those is 3 clicks each. Currently Koobface comprises only 1% of April Web malware blocks.

However, if you happen to be located in Zimbabwe it's a completely different story. Zimbabwe sports a Koobface-clickthrough rate that's hundreds of times above the norm.