Despite the subject matter in a newest wave of spam emails, online scammers never take a vacation.
Hundreds of emails have been making the rounds in the past few days informing people that a hotel made a "wrong transaction" while processing their credit card. In turn, the emails offer recipients a refund.
Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, wrote that he's spotted 434 slight variants of the scam, with subject titles such as "Hotel Renaissance Chicago made wrong transaction," "Hotel Hilton Las Vegas made wrong transaction," and "Wrong transaction from your credit card in Hilton Atlanta."
To receive the refund from the erroneously charged credit card, victims are told to fill out a form attached to the email.
As with nearly all email scams, the attached form is where the danger lies.
In this case, the malicious file is masked as an executable download called RefundForm.exe, but it's actually a Trojan that installs fake anti-virus software on victims' computers that they are then pressured into paying for.
Warner said the hotel spam messages all appear to be originating from the same botnet of computers that recently spread the "overdue credit card" scam.
If you come across any email telling you you're entitled to a refund from a hotel wrongly charging your credit card, do not click on the attachment, and instead call the hotel directly to resolve the problem.