Spammers often change their subject lines in a bid to escape detection and filters. But there are some tried, tested and true subject lines they keep returning to again and again.

For this week, PayPal topped the list of top spam subject lines, being used in three of the top 10. HSBC Bank Canada came in second with two, according to research from anti-malware vendor McAfee.com.

In terms of the subject matter of spam, gift giving for Christmas is the spammer's best friend. The clear leader is spam for products and services, accounting for 38 percent of spam received, according to McAfee.

"Considering the time of year, that's not surprising," Dave Marcus, security research and communications director of McAfee Avert Labs, told InternetNews.com. Spammers tend to rev up their efforts around special occasions such as the Olympics and the major holidays.

Billing-related e-mails accounted for two of the top 10 subject lines in e-mail, and the list was rounded off with one message each for two types of alerts, and one Spanish-language e-mail subject.

However, subject lines change over time as spammers adjust to the market, its targets and as antispam software gets familiar with existing subject lines.

Listing by subject, Russian-language spam accounted for 29 percent of spam received, and advertisements came in third, at 16 percent. Despite the bad economy, financial spam accounted for only two percent of spam received.

Spam for products and services talks about specific products or services, as compared with advertising spam, which is more general, Marcus said. "We're seeing a lot of stuff that's product- and service-centric, so we're breaking that out into its own category; a year ago we probably wouldn't have been able to do that."

The amount of spam sent in Russian has increased this year because more Internet-related activity is coming out of Russia, Marcus said.

McAfee also wants end-users to be wary of holiday season scams. They include charity phishing scams, holiday e-cards, fake invoices, purported new friends on social networking sites like Facebook, and holiday search-related terms.

Just say no

For example, if you get an e-mail from the Salvation Army, the Red Cross, or any other charitable group asking for donations, do not click on the link in the e-mail, McAfee warns. Instead, go directly to the organization's Web site to donate.

Or, you may get an e-card or worse yet, an e-mail purporting to be from Hallmark asking you to download an attachment to get to your e-card. Remember Nancy Reagan and just say no.

And triple check when you see an invoice or waybill in your e-mail. Spammers are trying to cash in on the online shopping trend, sending fake invoices or waybills from one of the courier companies or the U.S. Customs Service, McAfee said.

These e-mails ask recipients for their credit card information so their account can be credited, or require the recipients to open an invoice or customs form to receive the package. Doing so will download a Trojan or other malware.

This article was first published on InternetNews.com. To read the full article, click here.