Cybercriminals upped their efforts in March, as Symantec reported that the number of malicious websites it had to block for hosting malware tripled.
The latest MessageLabs Intelligence Report said that this meant 3,000 potentially harmful websites were being blocked daily.
The percentage of email borne malware that contained links to malicious sites also increased to its highest level since last June.
With an increase of nearly 200 per cent, Symantec said the big rise in malicious websites revolved around a resurgence in using images containing injected scripts such as JavaScript or VBScript, attempting to exploit flaws in older browsers.
It said that many of websites that hosted the images included free image hosting websites, and could potentially extend to social network and file-sharing sites.
Malicious links sent through email and hosted on compromised sites was a growing risk to businesses, as attacks were designed to steal personal data simply when a user visited infected sites.
"Having focused on email tactics for the latter half of 2008 and 2009, the cybercriminals are varying their strategies, and turning towards web-related tactics, so not to become too predictable," said Paul Wood, MessageLabs senior analyst.
That was not to say that email spam was becoming less of a problem.
According to a post from the Google Enterprise security team, the second half of March saw the seven-day average spam volume the same as it saw prior to the blocking of the McColo server.
Google said that spammers had rallied following the takedown of McColo, and that the overall spam growth during the first quarter was the strongest it has seen since early 2008.
