Hackers are distributing emails that claim to have information about bomb blasts in cities across the world, as a way of infecting PCs with malicious code, says Sophos.
The security firm says a number of web users across the worldwide have received hoax emails with the subject line 'Why did it happen in your city', 'Take Care!' and 'Are you and your friends in good health?'.
Sophos says the emails claim 18 people have been killed in a 'dirty bomb' explosion and include a link to a video news story on a Reuters-related website. However, the sites are fake and Sophos says any web users clicking the link will be directed to a site that will infect their PC with malicious code.
The hoax sites use smart technology to identify where a web user is in the world, and change the location in the story to reflect this.
"This is a clever piece of social engineering and shows the lengths that cybercriminals will go to in order to trick more potential victims," said Graham Cluley, senior technology consultant at Sophos.
"If you visit the webpage from Southampton, Bristol or London it is likely to claim that the bomb blast has occurred there. There are the usual clues that the observant computer user will recognise as spam - poor spelling and grammar being the key one - but the danger is that other less wary users won't notice this and will become engrossed in the story without realising that their PC is being infected as they read."