Email-borne malware soars 400% after Rustock takedown

According to Commtouch's Q1 2011 Internet Threats Trend Report, whilst overall spam activity dropped around the New Year, it rose significantly after the holiday period.

From January to mid-March, spam averaged 168 billion emails per day; after Rustock was eliminated, it dropped to an average of nearly 119 billion messages daily.

Zombie activity also dropped significantly after Rustock was taken down, but large increases in the number of enslaved computers became evident following the malware outbreak at the end of the quarter.

Asaf Greiner, the firm's vice president, says that botnets have become an essential part of cybercriminal infrastructure, providing vast computing resources, bandwidth and anonymity.

"Botnet takedowns will almost always result in significant attempts at rebuilding, to allow criminal operations to continue", he noted.

Delving into the report reveals that mass mailings of 'parcel tracking information' messages purporting to come from UPS and DHL accounted for 30% of all emails sent during the peak of the outbreak.

Meanwhile, Facebook chat messages from compromised user accounts led to phony Facebook applications and ultimately virus files, whilst Adobe PDF files with embedded script malware mimicked Xerox scanned documents during the quarter.

The report also found that the 'Kama Sutra' virus tempted recipients with an explicit PowerPoint presentation, whilst German telco T-Online's personal homepage feature was abused to redirect visitors to fake anti-virus downloads.

During the quarter, the most popular spam topic was once again pharmacy ads, representing 28% of all spam, down from 42% in Q4 2010. India kept its title for the third quarter in a row as the country with the most zombies, accounting for 17% of all zombies worldwide.
