Warning! JavaScript is turned off or disabled! Some features on this website will not work.

Beware of Fake Emails with a Malicious Zip File Attached that Contains a Virus

2018-02-22T13:05:31  +
Beware of Fake Emails with a Malicious Zip File Attached that Contains a Virus

We have noticed that cyber-criminals are sending out thousands of fake email messages with an attached Zip or compressed file (a file with name ending with '.zip', '.rar', ".gz", or '.cab') that contains a virus or a Trojan horse. The files are sent in a compressed or Zip format to help prevent anti-virus software from detecting and deleting them. And, any attempt by the recipients to open the malicious attachment will result in their computers getting infected with a virus, Trojan horse or some other computer malware.

Please continue below.

The cyber-criminals behind the fake and malicious emails, make them look convincing, by making the emails look as if they were sent from a legitimate company, family or friend, by using a technique called email spoofing.

Email spoofing allows someone to send an email message, and make that message appears as if it came from someone else.

For example:

I can send an email message from my personal email account to my friend, and make the email message appear as if it was sent from “president@whitehouse .gov”. This can be easily done by just changing the "From" address of the email message. So, it doesn't mean that an email message was sent from someone because their email address appears in the "From" address line of the message.

Now, because of this, unexpected email messages with a compressed or Zip file attached should never be opened, regardless of who they appear to have been sent from.

Also, click here for a list of email attachments that you should never open, regardless of who the email message appears to have been sent from.

Now, if you have received one of the fake email messages and have opened the malicious attachment, please do a full scan of your computer with the antivirus software installed on it. If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

Comments, Questions and Reviews
(Total: 24)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • Posted: 2017-06-23T00:04:28 by info

    Here is another malicious email:

    Thu 22/06/2017 23:44
    From: Joselito
    To: undisclosed-recipients:
    Good day.

    Kindly find the attached our Company official PO#1036-1 dated:22-06-2017 and please confirm on receipts.
    I will send the swift copy of payment once I received the message from our bank.

    Note: we will make PO for the item 29-34 once you confirm the availability. ( awaiting for your quotation.)



  • Posted: 2017-01-08T00:33:16 by an anonymous user from or near: Vail, Arizona, United States

    Here's a couple we got over the holidays:

    FedEx Priority Solutions
    To: [deleted]
    Parcel #00965297 shipment problem, please review

    Dear Customer,

    We can not deliver your parcel arrived at December 25.

    You can find more details in this e-mail attachment!

    With gratitude,
    Bradley Byrd,
    Office Clerk.


    ------- --------- ------------

    USPS Ground Support
    To: [deleted]
    Notification status of your delivery (USPS 0934####)

    Dear Customer,

    We can not deliver your parcel arrived at December 15.

    Please check the attachment for details!

    Yours sincerely,
    Lee Cunningham,
    USPS Senior Office Manager.



  • Posted: 2016-09-29T10:05:48 by info

    Here is another malicious email message that should be deleted if received:

    "Subject: Temporarily blocked
    From: Kelly Conrad (Conrad.415@constructionlawseminars.com)
    Sent: Thu 9/29/16 9:02 AM
    Attachment: debit_card_37763763.zip (11.0 KB)

    Dear info,

    this is to inform you that your Debit Card is temporarily blocked as there were unknown transactions made today.

    We attached the scan of transactions. Please confirm whether you made these transactions.

    King regards,
    Kelly Conrad
    Technical Manager - Online Banking
    e-mail: Conrad.415@constructionlawseminars.com"


  • Posted: 2016-09-29T08:39:53 by info

    Here is another malicious email message:

    "From: Marcella Gibson (Gibson.533@pldt.net)
    Sent: Wed 9/28/16 9:19 PM
    Attachment: contract_scan_9727a6f53.zip (10.7 KB)

    Dear, thanks for working with us.
    We are sending the contract that we agreed on last week.
    Please read through the attachment and return us the scan of the signed contract.

    King regards,
    Marcella Gibson
    Managing Director
    e-mail: Gibson.533@pldt.net"


  • Posted: 2016-09-28T09:31:54 by info

    Here is another malicious email message:

    "From: Gregg Reeves (Reeves.57@wellchosenwords.biz)
    Sent: Wed 9/28/16 7:50 AM
    Attachment: proposal_form_2d3dc889.zip


    You are receiving this email because the company has assigned you as part of the approval team.
    Please review the attached proposal form and make your approval decision.

    If you have any problem regarding the submission, please contact Charmaine.

    Best regards,
    Gregg Reeves
    Head of Finance UKGI Planning"


  • Posted: 2016-09-25T09:45:52 by info

    Here is another malicious email:

    "From: Global Service Exchange
    Subject: Your Apple ID has been locked for security reasons
    Date: Sun 9/25/16 7:36 AM
    Attachment: Case ID_1000531542.zip

    Your Apple ID has been locked for security reasons.

    Dear user,

    You must unlock your account before signing in please download attached file in email .

    Your Case ID: 1000531542

    Apple Support"


  • Posted: 2016-09-22T19:11:21 by info

    Here is another malicious email:

    "From: Corina Dunn (Dunn.168@avertex.com)
    Sent: Thu 9/22/16 5:25 PM
    Attachment: 34bbdfd04ad.zip (11.0 KB)

    Dear info, thank you very much for your order!

    Total amount of $354.57 was charged for your order #D-1732005.

    All the details are in the attachment. Delivery will arrive at 15:00 coming Monday."


  • Posted: 2016-09-22T07:42:50 by info

    Here is another malicious email:

    "From: Mona wilson-barkworth
    Subject: Receipt of payment
    Date: Wed 9/21/16 9:58 PM
    Attachment: Receipt.zip (7.8 KB)

    Good afternoon,

    Thank you for you call this afternoon.

    Please find attached your receipt of payment.

    If you need anything else please feel free to contact me on the details below.

    Kind regards.

    Mona wilson-barkworth
    Credit Controller
    IB GIBL Credit Control"


  • Posted: 2016-09-20T15:17:57 by info

    Here is another fake email with a malicious Zip attachment:

    "From: Luann Watson
    Subject: Out of stock
    Date: Tue 9/20/16 2:39 PM
    Attachment:273c753ea5e1.zip (11.5 KB)

    Dear info, we are very sorry to inform you that the item you requested is out of stock.

    Here is the list of items similar to the ones you requested.

    Please take a look and let us know if you would like to substitute with any of them."


  • Posted: 2016-09-19T14:47:43 by info

    Here is another malicious email:

    "From: Melba Dawson (Dawson.83@chathome.ru)
    Sent: Mon 9/19/16 12:35 PM
    Attachment: 40b9d8e3b88.zip (13.2 KB)

    Dear info, we are currently processing the order #6758264-0902016 you made yesterday.

    Attached is the tracking number (b4f94278954715a5b 9107a100c24f5c0a85db d9b8bedb7daae82e44104f1).

    If you encounter any problem receiving it, please contact us promptly."


  • Posted: 2016-09-19T09:41:26 by info

    Here is another malicious email:

    "Dear info, we have sent your parcel by Express Parcel service.

    The attachment includes the date and time of the arrival and the lists of the items you ordered. Please check them.

    Thank you."


  • Posted: 2016-09-16T18:37:05 by info

    Another fake email with a malicious zip file:

    "From: Evangelina Lawson (Lawson.4890@florapdx.com)
    Sent: Fri 9/16/16 9:35 AM
    Attachments: 224033cd94ec.zip (9.8 KB)

    Dear info, as you inquired, here is the invoice from September 2016.
    Let me know whether it is the correct invoice number you needed or not."


  • Posted: 2016-09-14T11:14:53 by info

    Here is another malicious email message:

    "From: ship-confirm@sanfranphoto.com
    Sent: Wed 9/14/16 10:47 AM

    Attachments: Shipping Notification 00399431.zip


    Attached is a pdf file containing items that have shipped
    Please contact us if there are any questions or further assistance we can provide"


  • Posted: 2016-09-13T21:25:33 by info

    Another malicious email:

    "From: Earline Wynn (Wynn.81@fhscomputerskills.org)
    Attachments: 47101decea0.zip (20.7 KB)

    Good day info, Freeman asked you to file the office equipment receipts.
    Here is the photocopying equipment receipts purchased last week.

    Please send him the complete file as soon as you finish.

    Best regards,
    Earline Wynn"


  • Posted: 2016-09-13T06:29:42 by info

    Here is another malicious email:

    "From: Mara Rosario (Rosario.9666@pigartgraphics.com)
    Sent: Mon 9/12/16 11:25 PM
    Attachments: c0cbd629cd.zip (22.9 KB)

    Dear customer,

    The bank has sent loan confirmation letter. Please review the amount of funds.

    Many thanks,
    Mara Rosario
    Personal Manager"


  • Posted: 2016-09-08T08:34:04 by info

    Here is another email with a virus attached:

    "[Vigor2820 Series] New voice mail message from 01465265636 on 2016/09/08 15:43:48
    voicemail@onlinethreatalerts.com Add to contacts
    Attachment: Message_from_01465265636.wav.zip

    Dear :
    There is a message for you from 01465265636, on 2016/09/08 15:43:48 .
    You might want to check it when you get a chance.Thanks!"


  • Posted: 2016-09-07T14:37:23 by info

    Here is another malicious email:

    "Subject: Invoice #ad5b7-2016
    From: Patrica Higgins (Higgins.130@commutertisements.com)
    Sent: Wed 9/07/16 1:20 PM

    Click for Options

    Download as zipSave to OneDrive
    Dear info, we have attached the debt payment invoice. Please view the due amount.

    Patrica Higgins"


  • Posted: 2016-09-07T10:50:22 by info

    Here is another scam:

    "Hi there,

    Angelia assigned you to make the payment agreement for the new coming employees.

    Here is the agreement form. Please finish it urgently.

    Best Regards,
    Josefa Carrillo
    Support Manager"


  • Posted: 2016-09-06T08:41:22 by info

    Here is another email message to look out for that has a malicious .zip attachment:

    "Hi info, Hai told me you have lost some of the last few months' utility bills.
    So, I am sending to you the copies saved in my computer. Let me know if I sent the right receipts.

    Best Regards,
    Susanna Hardin"


  • Posted: 2016-09-06T01:07:49 by info

    Here is a dangerous email message with a malicious Zip file attached:

    "Hi info, Hai told me you have lost some of the last few months' utility bills.
    So, I am sending to you the copies saved in my computer. Let me know if I sent the right receipts.

    Best Regards,
    Susanna Hardin"


  • Posted: 2016-09-05T08:40:21 by info

    Here is an email with a malicious attachment:

    "From: Octavio Scott
    Subject: Credit card receipt
    Date: Mon 9/05/16 7:29 AM
    Attachment: 3935a0377f9d.zip (11.3 KB)

    Dear info,

    We are sending you the credit card receipt from yesterday. Please match the card number and amount.

    Sincerely yours,
    Octavio Scott
    Account manager"


  • Posted: 2016-08-31T09:52:35 by info

    Here is another sample of a fake email message with a malicious zip file attached that will infect your computer if open:

    "From: Janna Rosario (Rosario.966@ptahx.com.br)
    Sent: Wed 8/31/16 7:43 AM
    Attachment: 1d05a2c661.zip (22.8 KB)

    Good morning info.

    Attached is the bank transactions made from the company during last month.
    Please file these transactions into financial record.

    Yours truly,
    Janna Rosario"


  • Posted: 2015-12-28T08:33:26 by info

    Here is a dangerous email message with a malicious Zip file attached:

    "From: Moradi K.
    Sent: Sunday, December 27, 7:49 PM
    Subject: [SPAM] Re: 1129300
    Attachment: Scan_11293-pdf.zip (Scan_11293-pdf.exe)

    Dear Sir,

    Please find attached PO1129300 for your confirmation, thanks

    Moradi K."


  • Posted: 2015-06-12T06:48:17 by an anonymous user from or near: Arlington, Virginia, United States

    I get the 'notice to appear' and many others with attachments, but I never open them, as in the early days of e-mail, I decided to make it a policy, to never open attachments from anyone, even family, unless I am expecting that particular attachment.


Show More of the 24 Comments

Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.