French photos posing as Facebook email is a malware attack: Sophos

Sophos has pointed out a malware attack of an email in French attached with intimate photos that appear as if sent from Facebook. It is the latest foul by malicious cyber criminals disguised as typical email from Facebook.

This is how the email reads:
Subject: Facebook
Message body:

Bonjour Man, [email address]
Je ne sais pas comment le dire, mais je n'ai tryed avant longtemps de vous envoyer quelques photos, mais j'ai pensé que vous n'êtes pas intéressé à me voir.

Mais maintenant, je vais vous envoyer les photos dans la pièce jointe.  Téléchargez les photos et ils extraient, je suis sûr que vous qu'ils aiment. Le mot de passe est: 123456
Passez une excellente journée.
Attached to the email is a file called

Another malware attack...

Another malware attack


The email is written in French, but Sophos reveals that many may not even notice the poor quality French. Furthermore, Sophos notes that surprisingly the email uses the polite, formal style of French ("vous" rather than "tu"), despite the intimate subject matter. This clearly indicates that the people who have written the email are not native French and have used an online translation tool instead.
For those who don’t understand French, here’s a rough translation of the email:
Subject: Facebook
Message body:
Hello [email address]
I don't know how to tell you this, but I have tried for a long time to send you a few photos, but I thought that you weren't interested in seeing me.



But now, I will send you the photos attached here in this email.
Download the photos and extract them. I'm sure that you will love them. The password is: 123456
Alluring netizens to click on such photos is nothing new, and cyber criminals have been tricking victims into doing so for a long time now. Unfortunately, they succeed greatly at it. Sophos reminds us of such incidents in the past when criminal minds have spammed inboxes with topless supermodel photos to spread Mac malware, and photos of an English football star caught in the act with a prostitute. Receiving and email from perfect strangers offering a host of naked photos is nothing new. Last month, researchers at Symantec reported about a Trojan, called the Milicenso, causing havoc across the globe. The trojan commanded printers to print ‘garbage characters’ until they ran out of paper. The trojan’s payload is often associated with Adware.Eorezo, a piece of adware that’s designed to target French users. Symantec had also suggested that this may not be its actual purpose, but a side effect. Milicenso was first identified in 2010 and uses a number of methods to spread, such as e-mail attachments and scripts hosted on websites. 

Malware has also made its presence at the mobile application stores. Android Market, now known as Google Play is said to be vulnerable to malware. Sophos has pointed out the top 5 malware that have been hitting Google Play, time and again.

Published Date: Jul 19, 2012 06:50 pm | Updated Date: Jul 19, 2012 06:50 pm