Spammers are evading anti-spam tools by spreading their efforts across multiple IP addresses, according to the networking firm Cisco.
So-called "snowshoe spam" has many of the hallmarks of traditional spam messages, and often has the same goal of dropping malware onto a victim’s machine via email attachment.
Writing in its annual security report, Cisco said: "To mitigate snowshoe spam, security professionals cannot simply rely on solutions that are based on reputation, since the same messages in a campaign can originate from hundreds or even thousands of places in the case of botnet-derived campaigns."
It is advised companies look for other signs of spam, such as a mismatch between forward and reverse domain name systems (DNS)which is "generally considered an obvious indicator that a mail server is not legitimate".
Many IP addresses observed by the company also had no record of sending emails, leading the researchers to conclude that machines had been compromised to create a botnet through which spam could be sent.
Figures from the report also showed a steep rise in spam in China between January and November last year, with volumes rising by 25%, as well as the US in which volumes rose by 6% over the same period.
"Spear-phishing messages, a staple of online criminals for years, have evolved to the point where even experienced end users have a hard time spotting faked messages among their authentic emails," the company added.
"These messages, which target specific individuals with a well-crafted message, appear to come from well-known vendors or service providers from whom users commonly receive messages — for example, delivery services, online shopping sites, and music and entertainment providers."