Beware of WinRAR Archive .R01, .R05, .R15, .R20, .R25 Malicious Email Attachments
Would you share this article with others to help inform them?
A Malicious WinRAR Archive .R01... Email Message
Subject: INVOICE NO 3
Date: Tue 15/08/2017 08:07
From: Sadiya Sayeed
Attachment: INVOICE NO 3.r20
Dear sir/madam,
Find and open attached document by double clicking it, because document is protected.
advice according invoice.
best regards
--
Sadia Saeed
Sales & Technical Manager
Mobile: +63 926 618 1579
+63 998 889 2257
Tel: +63 442 4295
sadia.asn@gmail.com
The .RAR compression is similar to ZIP which is the most popular file compression or archive formats.
Cyber criminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.
What is a ".RAR" file?
RAR is the native format of WinRAR archiver. Like other archives, RAR files are data containers, they store one or several files in the compressed form. The data-containers or split multi-volume RAR compressed files archive use file extensions or names ending with:
".r01", ".r02", ".r03", ,".r04", ".r05", ".r06", ".r07", ".r08", ".r09", ".r10", ".r11", ".r12", ".r13", ".r14", ".r15", ".r16", ".r17", ".r18", ".r19", ".r20", ".r21", ".r22", ".r23", ".r24", ".r25", ".r26", ". r27", ". 28", ". 29", ". 30" and so on.
After you have downloaded RAR file from the Internet, you need to unpack its contents in order to use it.
Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.
Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.
Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com
Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.
If you want to quickly find answers to your questions, use our search ![]()
engine.
You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.
Comments, Questions, Answers, or Reviews
![]()
To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. Also, anonymous posts cannot be deleted or edited, and when you make a post, we will use your IP address to display your approximate location to other users.
Please continue reading below.
![]()
Show More Comments (1)
Write Your Comment, Question, Answer, or Review
Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.