Beware of 7-Zip Archive (.7z) Malicious Email Attachments

Updated: August 30, 2017 2017-08-30T22:20:38 -
Posted: August 30, 2017 2017-08-30T22:11:15
Views: 1,415
Comments: 8

Online users who have received unexpected email messages with attached files with names ending with ".7z" are asked not to open them. This is because the fake email messages are being sent by cyber criminals and the attachments are 7-Zip compressed archived files that contain malware, malicious programs or computer viruses. And, any attempt to open the malicious attachments will result in the recipients getting their computers infected with a virus, Trojan horse, spyware, ransomware or other malware.

Please continue reading below.

A Sample of a Malicious 7-Zip Archive (.7z) Email Message

Subject: Emailed Invoice - 107681:1

Date: Wed 30/08/2017 22:04

From: Nickolas Leonard

Attachment: I_107681-1.7z (3 KB)

As requested

regards

--

Nickolas Leonard

The 7-Zip compression is similar to ZIP which is the most popular file compression or archive formats.

Cyber criminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.

What is a 7-Zip file?

Files with the extension .7z are compressed archive files created with 7-Zip open source software. These files are created using a compression method called LZMA, which is an algorithm for lossless data compression—a type of compression known for reducing file size while preserving quality.

Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews

(Total: 8)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. Also, anonymous posts cannot be deleted or edited, and when you make a post, we will use your IP address to display your approximate location to other users.

Please continue reading below.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

Dec 27, 2017 at 11:10 PM by an anonymous user from Quezon City, National Capital Region, Philippines
Hi! Just received one attachment via facebook messenger with a file as video_8095.mp4.7z as an attachment. The messenger app cannot view it but is seen from the browser. Is this also the same malware infected program? I am hesitant to open it.
remove
- Dec 28, 2017 at 9:43 PM by an anonymous user from San Juan City, National Capital Region, Philippines
  Got also one today. Did't open it.
  remove
- Dec 28, 2017 at 12:11 PM by an anonymous user from Tacloban City, Eastern Visayas, Philippines
  dont open it! mobile phone messenger cant open it since its not intended to ran on mobile phones, and just what the article said it will infect your pc.. so it is intended to harm your computer..
  remove
Dec 26, 2017 at 12:05 PM by an anonymous user from Safety Harbor, Florida, United States
12/26/2017
Received similar .7z attachment email

Sender (Terrell@mail316.us3.mcdlv.net)

Attachment: CCE26122017_006144.7Z

Attachment naming scheme seems to be letters (CCE) followed by today's date (26122017) = 26-12-2017.
remove
Dec 20, 2017 at 9:32 PM by info
Here is another scam:

"Voicemail from 01770405763 <01770405763> 2m 22s
Message From "01770405763" 01770405763
Created: Thu, 21 Dec 2017 07:54:00 0700
Duration: 2m 22s
Attachment: msg_21_12_01770405763-8442763.7z 2 KB"
remove
Sep 29, 2017 at 11:34 AM by info
Here is another scam:

"Invoice
Fri 29/09/2017 11:30
From: "Roberto Kilner"
Attachment: 869572.7z

Hi,

Invoice attached for the Office365 account.
Regards
Roberto Kilner"
remove
Sep 27, 2017 at 1:38 AM by info
Here is another scam:

"Subject: Invoice PIS3021721
Date: Tue 26/09/2017 23:25
From: AutoPosted PI Notifier
Attachment: InvoicePIS3021721.7z

Please find Invoice PIS3021721 attached."
remove
Sep 3, 2017 at 8:15 PM by info
Received the following question via a Facebook message:

"Is the app 7 Zip itself malware?"

Answer:

No, 7-Zip is not a malware. It is a legitimate and free file compression format used to reduce the size of files.

But, cyber criminals are using it to store their malware in, to help prevent antivirus software from detecting them.
remove

Show More Comments (8)

Show all

Write Your Comment, Question, Answer, or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.

Trending Now
- » The "Coca Cola Asian Promotion 2019" Lottery Scam - Lottery - Donation - Inheritance Scams - Ponzi Schemes
  - 2019-03-27T01:29:11
  - Views: 3,121
  - 32 Comments
- » The "Powerball Email Lottery" Scam Being Sent by Scammers - Lottery - Donation - Inheritance Scams - Ponzi Schemes
  - 2019-03-17T14:36:45
  - Views: 1,280
  - 11 Comments
- » Beware of "VIBER International Balloting Award Programme" Lottery Scam - Lottery - Donation - Inheritance Scams - Ponzi Schemes
  - 2017-08-24T04:54:10
  - Views: 106,626
  - 289 Comments
- » The "Coca Cola Mobile Draw 2018 UK" Lottery Scam - Lottery - Donation - Inheritance Scams - Ponzi Schemes
  - 2018-04-27T10:01:37
  - Views: 39,366
  - 125 Comments
- » Beware of "Samsung S9 for $1 Only" Scam Being Sent by Scammers - Spamming - Adware
  - 2018-06-06T06:11:38
  - Views: 3,170
  - 8 Comments
- » The "Qatar Airways E-Ticket" Phishing Email Scam - Phishing - Scamming - Fraud - Identity Theft
  - 2019-04-18T15:30:58
  - Views: 69
  - 0 Comment
- » Is Newport Apparel a Trustworthy Clothing Online Store? - Public Review Community
  - 2019-03-03T14:04:16
  - Views: 1,578
  - 4 Comments
- » Beware of "Pepsi International Award 2018" Lottery Scam - Lottery - Donation - Inheritance Scams - Ponzi Schemes
  - 2018-02-11T07:00:30
  - Views: 33,548
  - 340 Comments
- » Luckyethub.com is a Fake Online Store Created by Scammers - Suspicious
  - 2019-01-02T03:00:23
  - Views: 2,929
  - 6 Comments
- » Beware of "International Society of Business Leaders and Executives & Professionals" Scam - Phishing - Scamming - Fraud - Identity Theft
  - 2016-02-23T11:11:36
  - Views: 20,503
  - 119 Comments

Beware of 7-Zip Archive (.7z) Malicious Email Attachments

A Sample of a Malicious 7-Zip Archive (.7z) Email Message

What is a 7-Zip file?

Comments, Questions, Answers, or Reviews

Write Your Comment, Question, Answer, or Review

Trending Now