A spam campaign claims there has been an
explosion at a nuclear power station in the suburbs of
London.
The malware attack message claims to contain images of victims
from the explosion on 9 September.
The e-mails claim to contain images in an attachment called
victims.zip.
Clicking on the attachment will not open any pictures of the
supposed explosion but
runs a Trojan horse detected by web security firm Sophos as
Troj/Agent-HQE.
Once installed, the malware to spies on the victim's computer
and
allows hackers to steal financial information.
"Rather than use a real-life event, the hackers have turned to
fictional explosions and conspiracy theories, in the hope they will
strike a nerve with potential victims, who will then click on the
attachment without a second thought," said Graham Cluley, senior
technology consultant at Sophos.