More than 15,500 computers in the UK are currently infected by a new powerful malware, with many more potentially at risk, the National Crime Agency said.
GOZeuS is thought to be behind fraudulent transfers of hundreds of millions of pounds globally.
"Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails," Andy Archibald, Deputy Director of the NCA's National Cyber Crime Unit, said.
The National Crime Agency is warning people they have two weeks to save their computers from a powerful malicious software as part of a massive consumer education programme to help clean up infected computers.
"The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside," Lamar Bailey, director of security research and development at software company Tripwire, said.
The move comes after the FBI in the US was successful in disrupting a hacking network, making security updates by users particularly effective in the short term.
The National Crime Agency is warning people they have two weeks to save their computers from a powerful malicious software attack. The malware called GOZeuS is hiding within attachments in emails and, once downloaded, enables hackers to access computers and scan them for valuable information.
If no data is found, a second malware, known as CryptoLocker, locks the computer, displays a window with a countdown, and demands a ransom to grant access again.
According to the NCA, people are asked to pay 1 Bitcoin (£200 - £300) to regain access to their files.
The NCA is advising people to make sure security software is installed and updated, by running scans and checking that computer operating systems and applications are up to date.
Several technology companies have urged the public to reset their passwords amid fears of a major security problem with a product used to protect people's personal data.
The Heartbleed bug affects OpenSSL, which many companies use to protect sensitive information, including people's password.
A small padlock icon appears on websites using OpenSSL to reassure users, but the loophole in the programme could have left it open to exploitation by hackers.
Blogging platform Tumblr posted a public notice about the bug, advising users to "take some time to change your passwords everywhere - especially your high-security services like email, file storage, and banking".
Finnish security company Codenomicon also said it would be "a good idea" to change potentially vulnerable passwords.
Millions of users of the social networking site LinkedIn have been told to reset their passwords after security information was stolen.
IT security and data protection firm Sophos said the leaked encrypted data does not include associated email addresses but warned that hackers will be working to crack the "unsalted" password hashes and "it is reasonable to assume that such information may be in the hands of the criminals".
It would seem sensible to suggest to all LinkedIn users that they change their passwords as soon as possible as a precautionary step.
"Of course, make sure that the password you use is unique - in other words, not used on any other websites - and that it is hard to crack.
"If you were using the same passwords on other websites, make sure to change them too. And never again use the same password on multiple websites."
– Graham Cluley, senior technology consultant at Sophos