Up to a million computers have already been infected by software that steals bank details and demands a ransom.
Computer users are being urged to protect their machines from malware which allows hackers to steal financial data.
British investigators have been working with the FBI to trace the hackers behind ongoing attacks, and the botnet system used by the targets has been temporarily disrupted.
But the UK’s National Crime Agency says people have just two weeks before the system could be functioning again, and urged people to protect their computers from an expected “powerful computer attack”.
Between 500,000 and one million machines have so far been infected worldwide, according to court documents.
US officials have accused a Russian hacker of masterminding the scam – and prosecutors say those involved have already raked in more than $100m (£60m).
The NCA is urging people to back up important files and make sure their security software and operating system are up to date.
Two pieces of malware software known as GOZeuS and CryptoLocker are responsible for the alert.
They typically infect a computer via attachments or links in emails.
If a user clicks on GOZeuS, it silently monitors activity and tries to capture information such as bank details.
“(The links or attachments) may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages, or any file made to look innocuous,” the NCA warned.
“These emails are generated by other victims’ computers, who do not realise they are infected, and are used to send mass emails creating more victims.”
The Cryptolocker malware is activated if the first attack is not profitable enough.
It locks a user from their files and threatens to delete them unless a “ransom” of several hundred pounds is paid.
Some 234,000 machines were hit by Cryptolocker – bringing in $27m (£16m) in payments – in its first two months, the US Justice Department said.
More than 15,500 computers in the UK are infected and “many more” are at risk, according to the NCA.
Stewart Garrick, a senior investigator with the NCA, told Sky News the threat was mainly against individuals or businesses running Windows-based computers.
Thirty-year-old Russian Evgeniy Bogachev is the alleged leader of the gang behind the attacks, FBI executive assistant director Robert Anderson told a news conference in Washington DC.
US and other agents seized servers around the world this weekend and freed 300,000 computers from the infection.
“They (the FBI) have disrupted the network and taken control of it,” said Sky’s Tom Cheshire.
“So when the hackers try to speak to the computer that’s affected, that line of communication has been cut off.
“You now have a chance to clean up. The first thing you should do is update your operating system – especially if you’re on Windows, then look to scan your computer for viruses and it should be able to find it.”
For more information visit www.getsafeonline.org/nca.