Scam emails with Zip attachments



griffin
28th July 2012, 10:39 PM
These seem to go through waves and surges, with the first ones years ago being very simple "a package failed to be delivered, please print out the attached file to chase it up".... when in fact it is just a zip file attachment, and the emails come from random email addresses.
Over time, the emails are becoming more creative, and more realistic, often copying formats and sender addresses of legit sources... which could easily fool those new to these scams, or less educated (especially the elderly). Things like, being told that a bank transfer had failed and needs your attention, or a purchase receipt that would prompt you to check the details in case your card details were stolen, a PayPal/bank/ISP requesting an update of your details (or that your account had been suspended, requiring you to log in to the provided link to fix it), or airline/hotel bookings which also have you worried that someone has been charging your credit card....

But this week's was one that was claiming to be an offer from Groupon, suggested by "a friend", but with some shoddy grammar, plus the attachment being a zip file, and the source email (not the sender email) being something random... I knew that this was fake, but also knew that this sort of tease/bait of free/cheap stuff could end up being more effective in making people access the Zip file.

So my question is this - has anyone ever accessed the Zip file to see what is in it? Or, is it safe to decompress the contents of a Zip file, without it activating a virus/trojan/worm, just to see what is actually in it? I wouldn't have thought so, but I just wanted to be sure.


Ultimately, the point of this is to serve as a reminder/warning, to never open attachments unless you know for sure what it is, and where it has come from.... especially as they seem to be getting sneakier in replicating official emails and baiting people to open them.
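
On the question above of seeing what is in the attachment: a zip file carries a directory of its members, and that directory can be read without decompressing or running any member. The sketch below is an added example, not part of the thread; the extension lists, the `inspect_zip` and `build_sample` names, and the sample archive (built in memory from harmless text bytes) are assumptions chosen for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs directly when double-clicked (assumed, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
# Document-looking extensions often placed in front of the real one as a decoy.
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".txt"}


def inspect_zip(data: bytes) -> list[dict]:
    """List archive members from the zip directory without extracting any."""
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():  # metadata only, no member is decompressed
            name = info.filename.replace("\\", "/")
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            flags = []
            if suffixes and suffixes[-1] in RISKY_EXT:
                flags.append("executable")
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                    flags.append("double-extension")
            if name.startswith("/") or ".." in name.split("/"):
                flags.append("path-traversal")
            if info.flag_bits & 0x1:  # bit 0 of the general purpose flags
                flags.append("encrypted")
            report.append(
                {"name": info.filename, "size": info.file_size, "flags": flags}
            )
    return report


def build_sample() -> bytes:
    """Constructed sample: harmless text bytes stored under suspicious names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Groupon_offer.pdf.exe", b"not a real program")
        zf.writestr("readme.txt", b"hello")
        zf.writestr("../../startup/run.bat", b"rem placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for e in inspect_zip(build_sample()):
        print(f"{e['size']:>8}  {e['name']:<26} {', '.join(e['flags']) or '-'}")
```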

Sam
28th July 2012, 11:00 PM
I think the general guideline for dealing with emails from unknown sources is to move them into trash.

I have never opened any file (zip or otherwise) from sources purporting to be from people I know.

Another giveaway is to hover the mouse over any links in the email - this usually gives you the actual URL of the link, not what the email specifies.

Although it's technically possible to spoof the mouse over URL, I have not seen this in spam emails yet.

griffin
28th July 2012, 11:06 PM
I do trash them, but was just curious of what they have in them.
And yes, hovering over the links can be a clue, if it asks you to click on the link to update your details... and yet it goes to some unusual foreign country (based on the country code prefix in the domain).
But the ones with zip attachments, usually have the right homepage links in the emails (like this latest Groupon one)... because they want you to open the attachment, not go to the website. And if you did check the link, you'd end up thinking it was a legit email because it went to the homepage.

1AZRAEL1
28th July 2012, 11:18 PM
I'd be very wary about opening any attachments. From experiences (not my own) they tend to have some really nasty viruses activate when you unzip the file. Or some can lay dormant for a period of time and then activate. I have had enough nasty viruses invade my computer to know not to trust some things like that.

Some particularly nasty ones can watch where you visit, say net banking, and steal your login details and such. Some can take control of your computer remotely from a hacker. I have had to do a full system restore when they hit, and it's not a fun task.

On a side note, make sure you back up your system every so often and do a full virus scan and malware scan to keep your computer in check.

5FDP
30th July 2012, 10:42 AM
If you're ever unsure about an email, google either the subject or first line within the email. More often than not you'll find someone has reported it as malicious spam. Save yourself the hassle of reformatting your computer.