A Sample of a Malicious ".TAR" Email Message
Swift copy of payment
Thu 3/14/2019 1:42 PM
From: "Accounts officer"
Attachment: Payment.tar (127 KB)
Be informed that we have made the advance payment.
Kindly find the attached swift copy of payment made this morning.
Kindly do the needful.
FAZ GENERAL TRADING
Mobile: +966 50 352 7781
Cybercriminals usually pack their malware into compressed or '.TAR' archive files because a compressed or encoded malicious email attachment may bypass the recipient's antivirus software.
What is a .TAR file?
Short for Tape Archive, and sometimes referred to as a tarball, a file that has the TAR file extension is a file in the Consolidated Unix Archive format.
The TAR file format is common on Linux and Unix systems, but it only stores data; it does not compress it. TAR files are often compressed after being created, and they then become TGZ files, which use the TGZ, TAR.GZ, or GZ extension.
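The following is an added example, not part of the original page: a way to triage a ".TAR" attachment by listing its members in memory without extracting anything, and to see the store-versus-compress difference described above. The member name "Payment.exe", the placeholder content and the list of risky extensions are constructed assumptions.

```python
import io
import tarfile

# Assumption for this example: extensions worth flagging inside an e-mailed archive.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".jar", ".lnk"}
PAYLOAD = b"CONSTRUCTED-HARMLESS-PLACEHOLDER"  # constructed stand-in, not malware


def container_type(data: bytes) -> str:
    """Identify the container from magic bytes, ignoring the file name."""
    if data[:2] == b"\x1f\x8b":
        return "gzip"  # .tgz / .tar.gz wrapper
    if data[257:262] == b"ustar":
        return "tar"  # plain, uncompressed tar header
    return "unknown"


def triage(data: bytes) -> dict:
    """List archive members in memory; nothing is extracted to disk."""
    result = {"type": container_type(data), "members": [], "flagged": []}
    try:
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
            for m in tar:
                result["members"].append((m.name, m.size))
                dot = m.name.rfind(".")
                ext = m.name[dot:].lower() if dot != -1 else ""
                # Flag risky extensions and anything that is not a file or directory.
                if ext in RISKY_EXT or not (m.isfile() or m.isdir()):
                    result["flagged"].append(m.name)
    except tarfile.TarError:
        pass  # not a readable tar: report the type with no members
    return result


def build_sample(compress: bool) -> bytes:
    """Build a constructed archive holding one harmless, executable-named member."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz" if compress else "w") as tar:
        info = tarfile.TarInfo("Payment.exe")  # hypothetical member name
        info.size = len(PAYLOAD)
        tar.addfile(info, io.BytesIO(PAYLOAD))
    return buf.getvalue()


if __name__ == "__main__":
    plain, gz = build_sample(False), build_sample(True)
    print(triage(plain), PAYLOAD in plain)  # content is stored verbatim in a .tar
    print(triage(gz), PAYLOAD in gz)        # gzip layer hides it from a raw byte scan
```

A scanner that only pattern-matches the raw attachment bytes sees the content of a plain ".TAR" but not of a gzip-wrapped one, which is why mail filtering needs to unpack archives before inspecting them.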