In the scam, affected users receive an email claiming to be from Google and advertising the latest version of the toolbar, according to web security vendor SurfControl.
However, when PC users click on the email, they're taken to a fake Google Toolbar website that looks similar to the real thing - but with a download option for the fake toolbar.
The advertised download is actually the Win32.Ranky.fw trojan, which attempts to turn infected PCs into bots.
The trojan also allows a remote intruder to route HTTP traffic through an infected PC, according to Sophos.
