New Delhi : Sophos, IT security and data protection firm has detected malware attack of furtive French photos feign as Facebook.

Malware attacks spammed to your inbox, posing as intimate photographs, are nothing new of course.

We’ve seen plenty of examples of such tactics being used by cybercriminals in the past: topless supermodel photos used to spread Mac malware, photos of an English football star caught in the act with a prostitute offered by Facebook scammers, and complete strangers offering naked pictures as they hunt for a sex partner.You might even suspect that some mischief was afoot.

But worryingly, many people would still find it impossible to resist clicking on the attachment to see more.

We have intercepted a malware campaign in the last 24 hours, which adds a Gallic flavor to things.

Here’s what a typical email looks like:

Message body:

Bonjour Man, [email address]

Je ne sais pas comment le dire, mais je n’ai tryed avant longtemps de vous envoyer quelques photos, mais j’ai pensé que vous n’êtes pas intéressé à me voir.

Mais maintenant, je vais vous envoyer les photos dans la pièce jointe.  Téléchargez les photos et ils extraient, je suis sûr que vous qu’ils aiment. Le mot de passe est: 123456

Passez une excellente journée.

Attached to the email is a file called DC24154.zip.

Clearly, the email above is written in French. But you may not realise that it is written in rather poor quality French.

Interestingly, the email uses the polite formal style of French (“vous” rather than “tu”), which considering its intimate subject matter is somewhat unusual. Chances are that whoever was behind the campaign is not a native French speaker, but has used an online translation tool instead.

If you cannot cope with the quasi-French, here is a translation supplied by Carole Theriault, Senior Security Consultant, Sophos.

Subject: Facebook

Message body:

Hello [email address]

I don’t know how to tell you this, but I have tried for a long time to send you a few photos, but I thought that you weren’t interested in seeing me.

But now, I will send you the photos attached here in this email.

Download the photos and extract them. I’m sure that you will love them. The password is: 123456

Have a great day.

Sophos detects the malware attached to the spammed-out emails as Mal/VB-AER and Troj/ZbotMem-B. The criminals behind the attack may have imagined that encrypting the ZIP with a password would have fooled anti-virus filters but they were mistaken.

Those with long memories may recall that last year Naked Security warned about an English-language malware campaign that was spammed out last year in a very similar style.

Could it be that someone is taking a punt, and has simply taken the wording of an English malware campaign and converted it into French in the hope of finding new victims?

Whether you’re a Francophile or not, don’t allow malware to infect your computer. You should always be suspicious of unsolicited email attachments that are emailed to you out of the blue, and ensure that you have proper defences in place to protect against malware and spam threats.