The emails contain links to headlines such as the 'outbreak of nuclear war' and the 'death' of George W Bush and Vladimir Putin to allow hackers to infect computers and steal information.
The Dref-N worm arrives attached to emails with subject lines such as 'White house news!', 'Incredible news' or 'ATTN TO EVERYBODY!', and tries to dupe recipients by claiming that the attachment contains details of a major global news story.
Opening the attached file disables the Windows firewall and allows hackers to gain access to the PC in order to spy on or steal data.
"Users may think that they are receiving these emails from their friends, family and colleagues, but in fact it is a worm that has infected the sender's computer and distributed the message," said Graham Cluley, senior technology consultant at Sophos.
"While many of these news hooks may sound totally implausible, it is amazing how many users still allow temptation to get the better of them, and click on the infected file.
"The simple advice is that if you suspect a breaking news story, turn on the TV or visit your favourite news website to see if it has any basis in truth."
Sophos said that the text of the email could include any of the following:
'3rd Glogal War Just Started!!! Read more in file!'
'Nuclear War in Russia! Read news in file!'
'President Bush DEAD! Read attached file!'
'Putin and Bush starts NUCLEAR WAR! Check the file!'
'Nuclear WAR in USA! Read attached file!'
'GLOBAL NUCLEAR WAR JUST STARTED! News in file.'
'President Putin dead! Read more in attached file!'
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
