McDonald’s email new bait to infect users

PandaLabs has detected an email message claiming to be a special Christmas offer from McDonald’s, but which really spreads the P2PShared.U worm.
The email subject is “Mcdonalds wishes you Merry Christmas!” while the message text reads as follows:
“McDonald's is proud to present our latest discount menu. Simply print the coupon from this Email and head to your local McDonald's for FREE giveaways and AWESOME savings.”
To make the message look more authentic, the sender's address shows the “mcdonalds.com” domain. The message also contains a drop-down menu for the targeted user to choose their country, a cunning detail given that the emails claim to come from a multinational company such as McDonald’s.
This malicious code also uses a different set of emails to spread. In this case, the message subject is “You have recieved (sic) a Hallmark E-Card from your friend”.
The message text prompts users to download and run the attached message in order to open the card.
In both cases, if the user follows the instructions in the email, downloads the attachment and tries to open it, they will actually be downloading a copy of P2PShared.U and will install it on their computer.
“These emails use social engineering in different ways. Both emails attract users’ attention with Christmas-related subjects. However, the first email also exploits the financial crisis by inviting users to download a coupon for gifts and savings; a very effective lure”, explained Luis Corrons, technical director of PandaLabs.
Once on the computer, the worm sends out emails with the same subject and appearance to other users.
Finally, it copies itself to folders of various P2P file-sharing programs (eMule, LimeWire, Morpheus, etc.) with names relating to security software, image editing programmes, programme cracks, etc. This way, any user who tries to download any of these applications will actually be letting a copy of the worm into their computer.
To avoid these infections, Panda advises users not to open messages from unknown senders and, in particular, not to open any attachments they might contain or click any links in them.