An email posing as a greetings card has been responsible for a series of PC infections over the past few days.
The message instructs users to follow the enclosed link to pick up an electronic card from a "secret admirer". When they visit the web page it automatically attempts to download the Dloader-UT Trojan.
"You may think you've received an electronic greetings card from a secret admirer, but in fact it's a hacker who is going to be showing an unhealthy interest in you," said Carole Theriault, senior technology consultant at Sophos.
"People really need to think twice before they click on a web link in an unsolicited email, as they risk putting their data and finances in danger.
"We are seeing more and more Trojan creators and spyware authors using spam technology in an attempt to maximise the number of people infected."
Once installed the Trojan provides full control of an infected PC, allowing the hacker to install software on the system or use it for spamming or as part of an attack against an online target.
Other security companies have warned about the dangers of online greetings cards. Zafi-D was spread initially using this method, and the infamous Friend Greetings malware legally copied users' address books by including a section in the terms and conditions clause of the software.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance