A spam campaign claims there has been an explosion at a nuclear power station in the suburbs of London.
The malware attack message claims to contain images of victims from the explosion on 9 September.
The e-mails claim to contain images in an attachment called victims.zip.
Clicking on the attachment will not open any pictures of the supposed explosion but runs a Trojan horse detected by web security firm Sophos as Troj/Agent-HQE.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Once installed, the malware to spies on the victim's computer and allows hackers to steal financial information.
"Rather than use a real-life event, the hackers have turned to fictional explosions and conspiracy theories, in the hope they will strike a nerve with potential victims, who will then click on the attachment without a second thought," said Graham Cluley, senior technology consultant at Sophos.