Email malware refers to malware that is distributed via email.

Historically some of the most prolific virus families (eg: Netsky or SoBig) distributed themselves as file attachments in email. These families relied on users double clicking an attachment which would run the malicious code, infect their machines and send itself to more addresses from that computer.

Nowadays, hackers have changed their focus and predominantly use the web for malware distribution. Email messages are still used, but mostly as a way of distributing links to malicious sites, not for carrying malicious file attachments.

A lot of the spam sent from a botnet is for the purpose of increasing the size of that botnet.

Effective anti-spam security in conjunction with endpoint security software should be used to defend against email malware. In addition, user education can raise awareness of email scams and seemingly innocent attachments from strangers.