Sophos is intercepting a malicious spam attack, which attempts to infect recipient's computers with a Trojan horse by pretending to contain images of the Scandinavian sender.
Here is what a typical malicious email looks like:
Subject: Hei Man,
Attached file: Image123.zip
Jeg vet ikke hvordan jeg skal si det, men jeg har prшvde fшr en lang tid til е sende deg noen bilder, men jeg har tenkt at du ikke er interessert i е se meg.
Men nе skal jeg sende deg bilder i vedlegg.
Last ned bilder og trekke ut de, er jeg sikker pе at du vil like de. Passordet er: 123456
Ha en flott dag.
The message, which appears to be written in Norwegian, roughly translates to:
I do not know how to say it, but I have tried for a long time to send you some pictures, but I've been thinking that you are not interested in seeing me.
But now I'll send you pictures in the attachment.
Download the images and extract them, I'm sure that you will like them. The password is: 123456
Have a great day.
The attached file, named Image123.zip, is encrypted - presumably in an attempt to avoid detection by weaker anti-virus products - but the email message contains the password to unlock the ZIP and reveal the malware to you.
Of course, an attack like this is only likely to trick users who speak Norwegian (or its close linguistic neighbour Danish), but you can imagine how a message claiming to come from a Facebook or Hi5 friend might trick some people into checking out what hides behind the ZIP without thinking.