According to the security vendor, it is urging all computer users – business and consumer - to update their security software after the bank holiday, as well as quarantine any laptops that have been out over the holiday period.
Interestingly, Ed Rowley, M86's senior product manager says that, after a steady decline in spam since June of last year, his research team have observed spam levels doubling during August 2011 – with malicious spam surging from 0.2% in June 2010 to 24% of all spam analysed during this month.
In the summer of 2010, the notorious Pushdo/Cutwail spammer botnet was taken down after a co-ordinated effort by security researchers, followed by the closure of the Spamit affiliate programme in September, resulting in a significant decrease in spam.
At that time M86 Security says it predicted that other botnets would move in to take Cutwail’s place and its latest research indicates that spammers have tried to rebuild their botnets over the summer holiday period.
Rowley says that the spam increase is down to employees working at home – and using their home PCs – during the holiday period. Spammers, he notes, are constantly looking for ways to increase their zombie networks so that they can continue to get paid by their affiliate programmes.
“While work laptops are covered by corporate security updates, holiday makers may spend more time than normal on their home computers or personal laptops, which are less well protected. There is a risk that known vulnerabilities will go unpatched, leading to your PC being added to a new botnet”, he says.
“Following the massive increase in malicious spam, we would urge all staff returning to the office after the summer break to get their laptops scanned and updated with the latest security patches before connecting to the company network”, he adds.
Rowley went on to say that the industry can only reduce global spam levels by cutting the spambot operators’ access to zombie machines – and that requires law enforcement agencies and security researchers to continue to disrupt spammers’ operations, but end users can also play their part by keeping applications updated.