Security experts are reporting that malware laden spam is on the increase. The malware is either delivered via .zip or .rar attachments or by directing the recipient to a compromised website via a link. Another method rising in popularity is the embedding of malicious code into the source code of the message. Most of the payloads were Trojans and information-stealing applications. The most popular malware sent via spam is the Pandex Trojan, which turns a computer into a zombie machine, harvests addresses from a variety of files, including .eml, .txt, and htm, and installs a rootkit.

There’s also a warning out that the growing financial crisis may lead to an even sharper rise in malicious spam as scammers exploit the grim headlines and prey on worried consumers. Troubled bank Wachovia has already been used as the subject of a phishing spam. In fact, as the country’s financial woes began to deepen last month, the number of zombie computers sending spam rose a startling 101%! This could be signaling the beginning of a massive new spam campaign designed to exploit those woes as spam messages with subject lines such as “Save Your Home!” and “Avoid Foreclosure!” began circulating last month as well.

How to protect yourself and your company? Keep your anti-spam and anti-virus software up to date, and set filters to reject attachments ending in .rar, .zip, .exe, .scr and .pif. Make sure your employees change their passwords regularly, and tell them not to click on links in emails or open attachments from people they don’t know. If a computer does get infected, shut off its internet access and isolate it from all internal networks as soon as possible. Scammers grow more and more creative everyday so educating your employees and making sure your IT department has the tools it needs to protect your network is more critical than ever.