Internet and messaging security firm Websense has uncovered its first Christmas virus scam, and we aren't even out of November.

The scam, which is so devilish it can only have come from the Grinch, offers a lucky email recipient the chance to feel like they have the sort of friends who send out tedious e-cards, but has a nasty little payload.

Yep, apparently some swine has spoofed a reputable firm's type of message and put a stinky pile of malicious code in the back of it. Websense said that a URL within the postcard leads the recipient to a .exe file. If downloaded, this creates a backdoor on their computer which allows access to and control of the compromised machine. And all this from a Christmas message celebrating the season of goodwill.

However, it's difficult to not be dismayed with the type of person who would be conned by such a virus. "During the install process an image called xmas.jpg is displayed to the user as a distraction technique," Websense explains. A distraction technique - what are they, monkeys? It's amazing the impact a picture of some elves in Santa's grotto can have on IT security best practice.

Author: David Neal