A spam campaign claims there has been an explosion at a nuclear power station in the suburbs of London.
The malware attack message claims to contain images of victims from the explosion on 9 September.
The e-mails claim to contain images in an attachment called victims.zip.
Clicking on the attachment will not open any pictures of the supposed explosion but runs a Trojan horse detected by web security firm Sophos as Troj/Agent-HQE.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Once installed, the malware to spies on the victim's computer and allows hackers to steal financial information.
"Rather than use a real-life event, the hackers have turned to fictional explosions and conspiracy theories, in the hope they will strike a nerve with potential victims, who will then click on the attachment without a second thought," said Graham Cluley, senior technology consultant at Sophos.