Spam - particularly the kind with malicious attachments - is exploding, reaching a two-year high overall, which includes the spike last fall just before the SpamIt operation folded its doors, a security firm says.
In fact spam traffic is about double what it was then, according to M86 Security Labs, which monitors spam levels across selected domains.
"After multiple recent botnet takedowns, cybercriminal groups remain resilient clearly looking to build their botnets and distribute more fake AV in the process," the company says in its blog. "It seems spammers have returned from a holiday break and are enthusiastically back to work."
This report coincides with a report yesterday from Internet security company Commtouch, which says a spike in email-attached malware has just ended, but that further waves are expected.
M86 says in its blog that most of the spam is generated by the Cutwail botnet, and malicious spam accounted for 13% of the mix over the past week, which is unusually high, but even that spiked to 24% yesterday.
And it found that much of the malicious spam was couched in phony correspondence from UPS, which concurs with Commtouch's findings that UPS spam was much of what Cutwail and Festi are sending.
It says that other bots are sending other forms of malicious attachments. The Asprox botnet, for example, is sending malicious hotel transaction spam with password-stealing and phony antivirus malware attached, M86 says.
Overall the top subjects of the spam were pharmaceuticals, gambling and dating, M86 says.