Warning! JavaScript is turned off or disabled! Some features on this website will not work.
Alerts left arrow right arrow   

Beware of 7-Zip Archive (.7z) Malicious Email Attachments

Comments  +
Beware of 7-Zip Archive (.7z) Malicious Email Attachments

Online users who have received unexpected email messages with attached files with names ending with ".7z" are asked not to open them. This is because the fake email messages are being sent by cyber criminals and the attachments are 7-Zip compressed archived files that contain malware, malicious programs or computer viruses. And, any attempt to open the malicious attachments will result in the recipients getting their computers infected with a virus, Trojan horse, spyware, ransomware or other malware.

Please continue below.

A Sample of a Malicious 7-Zip Archive (.7z) Email Message

Subject: Emailed Invoice - 107681:1

Date: Wed 30/08/2017 22:04

From: Nickolas Leonard

Attachment: I_107681-1.7z (3 KB)

As requested



Nickolas Leonard

The 7-Zip compression is similar to ZIP which is the most popular file compression or archive formats.

Cyber criminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.

What is a 7-Zip file?

Files with the extension .7z are compressed archive files created with 7-Zip open source software. These files are created using a compression method called LZMA, which is an algorithm for lossless data compression—a type of compression known for reducing file size while preserving quality.

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward malicious or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Share this on:

and/or ContributionDonate

Would you recommend this article to a friend or family member?
Yes (1) No (0)   

Comments, Questions and Reviews
Comment(Total: 8)

To help protect your privacy, please do not post your full name, telephone number, email address, username, password, account number, credit card information or home address in your comments, questions, or reviews.

Write a Comment, Review, or ask a Question or scroll down to view comments, reviews and questions made by others.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • Posted: Dec 27, 2017 by an anonymous user from or near: Quezon City, National Capital Region, Philippines

    Hi! Just received one attachment via facebook messenger with a file as video_8095.mp4.7z as an attachment. The messenger app cannot view it but is seen from the browser. Is this also the same malware infected program? I am hesitant to open it.


    • Posted: Dec 28, 2017 by an anonymous user from or near: Quezon City, National Capital Region, Philippines

      Got also one today. Did't open it.


    • Posted: Dec 28, 2017 by an anonymous user from or near: Tacloban City, Eastern Visayas, Philippines

      dont open it! mobile phone messenger cant open it since its not intended to ran on mobile phones, and just what the article said it will infect your pc.. so it is intended to harm your computer..


  • Posted: Dec 26, 2017 by an anonymous user from or near: Tampa, Florida, United States

    Received similar .7z attachment email

    Sender (Terrell@mail316.us3.mcdlv.net)

    Attachment: CCE26122017_006144.7Z

    Attachment naming scheme seems to be letters (CCE) followed by today's date (26122017) = 26-12-2017.


  • Posted: Dec 20, 2017 by info

    Here is another scam:

    "Voicemail from 01770405763 <01770405763> 2m 22s
    Message From "01770405763" 01770405763
    Created: Thu, 21 Dec 2017 07:54:00 0700
    Duration: 2m 22s
    Attachment: msg_21_12_01770405763-8442763.7z 2 KB"


  • Posted: Sep 29, 2017 by info

    Here is another scam:

    Fri 29/09/2017 11:30
    From: "Roberto Kilner"
    Attachment: 869572.7z


    Invoice attached for the Office365 account.
    Roberto Kilner"


  • Posted: Sep 27, 2017 by info

    Here is another scam:

    "Subject: Invoice PIS3021721
    Date: Tue 26/09/2017 23:25
    From: AutoPosted PI Notifier
    Attachment: InvoicePIS3021721.7z

    Please find Invoice PIS3021721 attached."


  • Posted: Sep 3, 2017 by info

    Received the following question via a Facebook message:

    "Is the app 7 Zip itself malware?"


    No, 7-Zip is not a malware. It is a legitimate and free file compression format used to reduce the size of files.

    But, cyber criminals are using it to store their malware in, to help prevent antivirus software from detecting them.


Submit Comment Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.
All comments, questions or reviews will be examined for derogatory or indecent statements, spam or malicous code, before they are posted on this website.