A widspread coordinated attack has been unleashed today using a variant of the Storm worm.
Around 142 million emails have been spammed out containing URLs leading to web pages infected with the malware.
The emails typically claim that an electronic card has been sent to the recipient and that it can be viewed at the enclosed URL.
"Virus writers are avoiding the Christmas rush and getting started now," said Peter Lorant, senior director at Postini which warned of the attack.
"The virus distributors used to start in September, but now they are kicking off in the usually quiet month of July. This is the second attack this month using the same variant of malware."
The first attack occurred from 2 July to 9 July. It generated 123 million messages, three times more than any attack in the past two years. But in the earlier attack the malware was sent out in an attachment, whereas this is a web only attack.
In general the sites hosting the malware have been generated by the malware writers, but a small number are hacked pages of legitimate companies.
Lorant warned that companies need to take greater care of their own sites to avoid being a vector for malware.
"Of the millions of hacked sites out there 99 per cent are small and medium sized businesses or personal sites," he said.
"Typically a small business paid a couple of thousand pounds to get the site up and they do not update it. They need to take stronger measures to avoid being used to spread malware."
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all