Security firm Sophos has reported that coupon site Groupon is being used to front malware.
Emails allegedly from the company, with the misspelled subject line of "Groupon dicount gifts," claim that one of your friends has shared a Groupon deal with you. Except they probably haven't.
"Now Groupon.com gives an opportunity to share a discount gift with a friend!" the email reads. "Enjoy your discount gift in the attachement and share it with one of your friend as well."
Groupon did not immediately respond to a request for comment.
The attached file, called "Gift coupon.zip," contains a Trojan virus designed to infect Windows computers, Sophos said.
"Be in a hurry," the email said, warning recipients that the weekend special was "due" in two days. The message had all the makings of a true Groupon newsletter – the company logo, the green border, the additional Groupon advertisements at the bottom.
Sophos did not disclose the sender's email address; it is unclear whether the message came from a Groupon-related account.
The security firm reminded people to keep anti-virus software up to date, and to pay close attention to any messages received.
"It's easy for anyone to make a professional-looking email using the branding of a well-established website in their attempt to lure you into opening an attached file or clicking on a dangerous web link," Sophos' consultant Graham Cluley.
The scheme comes shortly after security researchers discovered OSX/Crisis, a new Mac Trojan that eavesdrops on users by tapping into a computer's webcam, emails, and instant messages.