According to Websense, the malware-loaded emails look very attractive but, if users click to the pages in question, they can get a nasty surprise.
The IT security vendor says that the attack methodology is similar to ones of a few months ago where tax-related spam lured the unwary to click on a link and install malware code on their computers.
This time users are lured in with tempting retail offers from the likes of Best Buy and Macy's, but when they click through, they are prompted to run a malicious executable called antivirus_24.exe.
"Adding to virus notification pop-ups in system trays, this 'system update' notification window appears to be the latest addition in their fake antivirus concoction", says Websense in its latest security blog.
According to the IT security vendor, the firm's real-time analytics can pro-actively identify this type of malware threat, and, thanks to the firm's ThreatSeeker 'collective intelligence pool' it can block the URLs in the spammed messages.