The security company said this security threat was particularly rampant over the past four months but June and September were hit the worst with this spam accounting for eight percent of all email threats.
However, it seems the spammers may have been on their summer holidays in July and August with these figures falling to two and three percent.
Graham Cluley, senior technology consultant at Sophos said that part of this was down to a large number of malicious spam with embedded HTML attachments (detected as Troj/JSRedir-BO), and was associated with Facebook password resetting tasks, the FIFA World Cup and Skype in June.
“Instead of setting up a bogus financial website, scammers insert the phishing contents directly into the HTML attachment,” Mr Cluley said.
And it seems we have to stay on our guard, with Sophos claiming that the spamming will continue.
“SophosLabs has no reason to believe that this pattern is likely to change in the next few months,” the company said.