Cybercriminals claimed on Friday that the Prime Minister's email account has been hacked, in the latest attempt to attack PCs with malware.
On the same day Tony Blair won a third term in government, a spam message was sent out stating that malicious hackers had penetrated his email account.
The email contains a link to a Web site that can infect computers that accessed it with password-stealing Trojan horses, antivirus company Sophos claimed.
"Clicking on the link takes users to a Web site which invisibly installs a Trojan horse on the victim's computer," said Graham Cluley, senior technology consultant for Sophos. "This then attempts to install other malicious code onto the infected computer [including] a password stealer which can be used by hackers for grabbing sensitive information.
"The computer underground knew that many in Britain would be following the latest political news this morning, and have deliberately created a bogus story about Blair's email account being hacked to lure people into clicking on their malicious link. Everyone should exercise extreme care about how they respond to unsolicited emails, and ensure their antivirus and anti-spam software is kept up-to-date," Cluley added.
The email arrives with the subject line: "BBC: Tony Blair email account hacked!"
One of the Trojan horses, PWSAgent-A, attempts to steal Outlook account manager passwords, and POP3, HTTP and ISP email addresses. Other malicious code downloaded in the attack is still being examined, Sophos said.
But those responsible seem to have made a mistake, said Cluley.
"Curiously it appears that the people in this election night hack attack may have had a small hiccup. It appears that the email messages were supposed to display a photograph of Tony Blair from the BBC Web site to lend it credence, but an elementary mistake in their HTML coding has meant only the text of the message is displayed rather than a picture of the Prime Minister," he said.
In 2003, an Internet worm displayed a scathing attack on the policies of Tony Blair's government and attempted to launch a denial-of-service attack against the 10 Downing Street Web site.