Beware of .TAR Malicious Email Attachments

Beware of .TAR Malicious Email Attachments

Would you share this article with others to help inform them?

Online users who have received unexpected email messages with attached files with names ending with ".tar" are asked not to open them. This is because the attachments are encoded files that may contain malware, malicious programs or viruses. And, any attempt to open the malicious attachments will result in the recipients getting their computers infected with a virus, Trojan horse, spyware, ransomware or other malware.

Please continue reading below.

A Sample of a Malicious ".TAR" Email Message

Swift copy of payment

Thu 3/14/2019 1:42 PM

From: "Accounts officer"

Attachment: Payment.tar (127 KB)

Good Day,

Be informed that we have made the advance payment.

Kindly find the attached swift copy of payment made this morning.

Kindly do the needful.


Sarah Cline

Accounts officer


Mobile: +966 50 352 7781

Cybercriminals usually store their malware in compressed or '.TAR' files to help prevent antivirus software from detecting them. In other words, they do it because the compressed or encoded malicious email attachments may bypass the recipients' antivirus software.

What is a .TAR file?

Short for Tape Archive, and sometimes referred to as tarball, a file that has the TAR file extension is a file in the Consolidated Unix Archive format.

The TAR file format is common in Linux and Unix systems, but only for storing data, not compressing it. TAR files are often compressed after being created, but those become TGZ files, using the TGZ, TAR.GZ, or GZ extension.

Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
(Total: 0)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. Also, anonymous posts cannot be deleted or edited, and when you make a post, we will use your IP address to display your approximate location to other users.

Please continue reading below.

Write Your Comment, Question, Answer, or Review
Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.