Results 1 to 5 of 5

Thread: Scam emails with Zip attachments

  1. #1
    Join Date
    24th May 2007
    Location
    Brisbane
    Posts
    38,239

    Default Scam emails with Zip attachments

    These seem to go through waves and surges, with the first ones years ago being very simple "a package failed to be delivered, please print out the attached file to chase it up".... when in fact it is just a zip file attachment, and the emails come from random email addresses.
    Over time, the emails are becoming more creative, and more realistic, often copying formats and sender addresses of legit sources... which could easily fool those new to these scams, or less educated (especially the elderly). Things like, being told that a bank transfer had failed and needs your attention, or a purchase receipt that would prompt you to check the details in case your card details were stolen, a paypal/bank/ISP requesting an update of your details (or that your account had been suspended, requiring you to log in to the provided link to fix it), or airline/hotel bookings which also have you worried that someone has been charging your credit card....

    But this weeks was one that was claiming to be an offer from Groupon, suggested by "a friend", but with some shoddy grammar, plus the attachment being a zip file, and the source email (not the sender email) being something random... I knew that this was fake, but also knew that this sort of tease/bait of free/cheap stuff could end up being more effective in making people access the Zip file.

    So my question is this - has anyone ever accessed the Zip file to see what is in it? Or, is it safe to decompress the contents of a Zip file, without it activating a virus/trojan/worm, just to see what is actually in it? I wouldn't have thought so, but I just wanted to be sure.


    Ultimately, the point of this is to serve as a reminder/warning, to never open attachments unless you know for sure what it is, and where it has come from.... especially as they seem to be getting sneakier in replicating official emails and baiting people to open them.

  2. #2
    Join Date
    1st Jan 2008
    Location
    Sydney
    Posts
    2,327

    Default

    I think the general guideline for dealing with emails from unknown sources is to move them into trash.

    I have never opened any file (zip or otherwise) from sources purporting to be from people I know.

    Another giveaway is to hover the mouse over any links in the email - this usually gives you the actual URL of the link, not what the email specifies.

    Although it's technically possible to spoof the mouse over URL, I have not seen this in spam emails yet.

  3. #3
    Join Date
    24th May 2007
    Location
    Brisbane
    Posts
    38,239

    Default

    I do trash them, but was just curious of what they have in them.
    And yes, hovering over the links can be a clue, if it asks you to click on the link to update your details... and yet it goes to some unusual foreign country (based on the country code prefix in the domain).
    But the ones with zip attachments, usually have the right homepage links in the emails (like this latest Groupon one)... because they want you to open the attachment, not go to the website. And if you did check the link, you'd end up thinking it was a legit email because it went to the homepage.

  4. #4
    Join Date
    4th Aug 2008
    Location
    The 'Riff
    Posts
    11,335

    Default

    I'd be very wary about opening any attachments. From experiences (not my own) they tend to have some really nasty viruses activate when you unzip the file. Or some can lay dormant for a period of time and then activate. I have had enough nasty viruses invade my computer to know to not to trust some things like that.

    Some particularly nasty ones can watch where you visit, say net banking, and steal your login details and such. Some can take control of your compute remotely from a hacker. I have had to do a full system restore when they hit, and its not a fun task.

    On a side note, make sure you back up your system every so often and do a full virus scan and malware scan to keep your computer in check.

  5. #5
    Join Date
    24th Nov 2009
    Location
    1984
    Posts
    8,244

    Default

    If you're ever unsure about an email, google either the subject or first line within the email. More often than not you'll find someone has reported it as malicious spam. Save yourself the hassle of reformatting your computer.
    New Acquisitions:
    TR Astrotrain, Skullsmasher, & Hardhead
    Scouting For:
    G1 Boxes & Cardbacks
    - - - - - - - - - - - - - - -
    [COLLECTION] [CREATIVE] [MK COLLECTION]



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •