The LZH File Archive Compression Malicious Email Attachments

The LZH File Archive Compression Malicious Email Attachments

Would you share this Article with others?

Online users who have received unexpected email messages with attached files with names ending with ".LZH" are asked not to open them. This is because the fake email messages are being sent by cybercriminals and the attachments are .LZH compressed archived files that contain malware, malicious programs or computer viruses. And, any attempt to open the malicious attachments will result in the recipients getting their computers infected with a virus, Trojan horse, spyware, ransomware or other malware.

A Malicious ".LZH" File Archive Compression Email Message

From: COURT ORDER legal@highcourt.com.au

Attachment: Court_Order.pdf (137 KB)

CASE_031952073.lzh (366 KB)

--- Notice to appear in Court #0368759073 ----

You are requested to appear in court on Monday the 27th of November 2018 at 10:00 AM.

Please, do not forget to bring all the documents related to this case.

Herein attached are the Court Order and other documents pertaining to this case.

ACE ID is: CASE#031952073

Note: The case will be heard by the judge in your absence (if you do not appear in court).

Yours faithfully,

Jane Schmitt,

Clerk of Court.

The .LZH compression is similar to ZIP which is the most popular file compression or archive formats.

Cybercriminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.

What is a ".LZH" file?

LHA is a freeware compression utility and associated file format. It was created in 1988 by Haruyasu Yoshizaki, and originally named LHarc. A complete rewrite of LHarc, tentatively named LHx, was eventually released as LH. It was then renamed to LHA to avoid conflicting with the then-new MS-DOS 5.0 LH command.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com. And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

The LZH File Archive Compression Malicious Email Attachments