The firm says that hackers seem to be trying to trick users into infecting their computer with malware, using emails that claim to come from order-update@amazon.com.
Unlike regular emails from the dot com giant, Sophos reports that these messages have a malicious malware file attached designed to run a trojan horse on your PC.
And, apparently in an attempt to entice users to open the dangerous attachment, the emails have embedded inside of them an image of a familiar half-opened Amazon branded package.
Sophos says it is detecting the attached malware files as Troj/CryptBx-Zp and Mal/CryptBox-A.
According to Graham Cluley, senior technology consultant with the company, "as always, be sure that you have kept your computer's defences up to date, and ensure that you never open unsolicited email attachments."
"An email can claim to come from a well-established brand like Amazon, but easily be a forgery created by hackers," he said last night in a blog posting.