Hackers are using hoax emails that appear to come from airlines as a way to spread malicious Trojans, according to Sophos.
The security firm said emails disguised as messages from well-known carriers such as Virgin Atlantic and Delta have been received by web users worldwide. The email claims the recipient has registered an account with the airline and that their credit card has been charged. Also attached to the email is a Zip file called 'purchase invoice and your airline ticket'.
Sophos is warning web users not to open this attachment as it contains a Trojan horse designed to steal information or allow hackers to secretly access the victim's computer.
"These hackers are relying on the red mist of fury to blind you from common sense," said Graham Cluley, senior technology consultant at Sophos.
"Many people will be arranging flights to visit families and loved ones over the Christmas break and may think that one of these spam messages is a genuine error. Anyone who makes flight bookings online should be careful when checking their inboxes for correspondence and wary of opening attachments."