MessageLabs, a subsidiary of Symantec, used weight and price information included in spam mails as part of its January 2010 Intelligence Report, to get a sense of how prices had moved in the past year. It found that the spammer's prices for Viagra peaked at around $6 per 100mg in early 2009, but fell during the summer to between $2 and $3 per 100mg in June and July. The price finally flattened out at around $1.60 at the end of the year, where it still remains.

"It isn’t really possible to speculate whether this is a true reflection of the state of the spam economy, but it will be interesting to see if the spammers’ prices are stimulated into returning to their former higher levels, perhaps as the global economy continues with its recovery," said MessageLabs.

Other findings from the report included a 32.1% increase since December in the total number of websites blocked per day for malicious content, although fewer of these seem to be new strains. A total of 1,760 of these websites were found harboring new content, which represented a marked decrease in the number of sites delivering new, unknown malware since December (down 56.2%). This suggests that the use of existing malware designed to be delivered via websites is growing.

This finding could indicate that criminals are concentrating on distribution channels, rather than malware innovation. Scammers are certainly quick to capitalize on events – both real and fake – to mount their malware campaigns. Aside from SEO-fueled malware campaigns designed to exploit the Haiti tragedy, we also saw a hoax story about the death of Johnny Depp (gladly fake) that was used to lure victims to a purported video of the crash, which delivered the inevitable malware payload.