The malicious e-greeting messages direct the recipient to click on a link that takes them to a normal looking e-greeting card. Behind the HTML is Java script that gathers vital computer settings, such as operating system, browser, virtual machine and anti-virus settings, and then downloads a Trojan best suited for infecting the machine.

The attackers hope to turn the computer in zombies for sending illegal spam messages, or to install key-loggers in order to try to steal passwords used in online banking or other websites.