Fraudulent emails have been sent out claiming to be from Amazon, potentially affecting thousands of people across the world.
The messages claim to come from a manager at Amazon, thanking the recipient for shopping with the company and telling them they have ordered a Sony Bravia, Sophos found.
Attached to the emails is a file named AMAZON_LABEL_07_07-2010.zip, which is malicious and, if clicked, could leave the user's computer and social networking accounts open to an attack, explained Graham Cluley, senior technology consultant at Sophos.
"If you're befuddled by the email in your inbox out of the blue then the most natural thing in the world might be to open the attachment in an attempt to determine what's going on - especially if you're worried your credit card may have been erroneously charged for some expensive TV hardware," Cluley said in a blog post.
He noted hackers had previously sent out emails, claiming to be shipment updates from Amazon. On one occasion, the fake message said it was for a Sony VAIO laptop order.
This shows just how repetitive the malware world is, Cluley added.
Last month, research from life assistance organisation CPP showed over 420,000 scam emails are sent every hour in the UK.
