Non-delivery report (NDR) spam has increased by 2000 percent in August since June this year, says PandaLabs.
An NDR is an email automatically sent by mail systems to advise senders of problems delivering their messages. These messages are usually legitimate, but cyber criminals are exploiting this function to distribute spam, using the sender's real name.
The security firm revealed that the spam content is usually sent as an attachment to the fake non-delivery notice and while, in most cases, recipients have not sent the supposedly undelivered email, they still become curious and open it
PandaLabs said that these messages account for 20 percent of all global spam.
"There is presently no consensus on whether NDRs are a technique to evade antispam filters or a collateral effect of dictionary attacks; either way, this technique is now among the most widely used," said Luis Corrons, technical director of PandaLabs.
"These waves of spam are usually generated through botnets," he added.
See also: Malware used for ID theft on the rise