A new variant of the Sober worm has surfaced this morning, antivirus specialist F-Secure has warned.

Sober D pretends to be a Microsoft software update that protects against a new version of the MyDoom worm.

Once activated the worm displays a patch loading screen, but harvests email addresses and mails itself out using its own SMTP engine.

The email, written in either English or German, has the headline 'Microsoft alert: please read!' The body text adds: 'New MyDoom virus variant detected - please download this digitally signed attachment.'

Paul Bushen, technical manager at F-Secure UK, told vnunet.com: "The social engineering is good enough to do the job of fooling people.

"People are not learning quickly that Microsoft does not send out emails like this.

"It's like remembering to back up your hard drive regularly: something that's done religiously, but only by those who've been caught out in the past."

Sober A first surfaced in October 2003, again using either English or German text and a variety of social engineering techniques.

The virus has previously been disguised as a Microsoft email and as one from the Recording Industry Association of America.