Net scum have bashed florists with distributed denial of service attacks over Valentine's Day in a bid to extract ransoms, security analysts say.

The attacks affected almost a dozen florists who were customers of security company Incapsula, and likely many others not monitored by the firm.

Security bods Ofer Gayer and Tim Matthews say one of their florist customers received a ransom note after a distributed denial of service attack.

"Of those sites (with inflated traffic), 23 per cent showed a sharp increase in attack traffic," the pair say.

"There does not appear to be a trend in attacks against all online florists, but rather targeted attacks."

Some sites received attacks that sent a flood of over 20,000 requests a second. In one instance the content distribution network provider counted the attack as legitimate traffic, bringing down the site "with a great loss of revenue".

Attackers are in some instances attempting to exploit the Shellshock vulnerability against florists in a bid to breach the sites.

Distributed denial of service attacks are a common extortion tool in the lead up to big public events. Betting companies are understood to routinely pay off attackers who threaten to knock the sites offline during major sporting events.

Attack traffic spiking for one customer.

Retailers too are said in industry circles to be happy to pay attackers to hold off distributed denial of service attacks during huge shopping days.

ProtonMail paid off its packet-smashing attackers with a lone Bitcoin to one of two distributed denial of service thug who continued to deluge it with traffic days after. ®