The emails claim to be from a member of the recipient's IT team warning that their system has been compromised and is distributing spam. The emails, which carry the subject line 'Spam Report', were first detected at 3.25am yesterday.
BlackSpider said that only one vendor has so far released a patch, and that it has caught less than 50 per cent of the Trojans quarantined by BlackSpider's detection technology.
The attachment, which contains Trojan-Downloader.Win32.Small.arf, is a small executable report.log.exe file of 16KB size. If executed it downloads harmful content from an external website.
Security firm Messagelabs has detected 54,000 copies of the Trojan email.
The emails use typical social engineering techniques designed to encourage recipients to download the Trojan attachment. The message body reads:
"Your email account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into problems with the online service.
If you choose to ignore our request, you leave us no choice but to cancel your membership. Virtually yours, Network Administrator Team."
John Cheney, chief executive at BlackSpider, said: "This email has a fairly unusual social engineering aspect to it that we haven't seen before.
"What we are seeing is a growth in spam that uses wording that taps into the fears and concerns of specific users. This makes it more likely that they are tr icked into downloading the malicious attachment."
Japanese researchers develop a flexible screen worn on the skin that they claim can monitor patients' heart rate and other vitals
ZenFone 5 Pro appears to boast a Snapdragon 845 SOC, an Adreno 630 GPU and 6GB of RAM
Pilot project will serve 300 homes to start with
The IoT faces significant compatibility challenges, which could be avoided for blockchain by adopting Hyperledger