Instead of sending e-mail from a known spam IP address or infected bot server, spammers have found ways to do so from legitimate mail servers and domains, Cyberoam noted.

The unified threat management (UTM) solutions provider said that spammers would steal legitimate e-mail senders' credentials, compromising e-mail account enrollment processes. Consequently, the spammers could automatically register thousands of free e-mail accounts mainly by using algorithms to break CAPTCHAs meant to eliminate mass automated registrations.

In particular, malware hidden in legitimate sites is on the rise, Cyberoam said.

Perpetrators also play on user psychology and curiosity by sending spam content such as gruesome videos, doomsday announcements, celebration days, love mails and celebrities' information.

Sinister attack methods