- Popular
- Most Commented

Online Threat Alerts (OTA)

An anti-cybercrime community alerting you to scams and frauds.

7-Zip Archive (.7z) Malicious Email Attachments

9
9
1,798
2

Aug. 30, 2017 2017-08-30T22:11:15-05:00
Feb. 12, 2020 2020-02-12T07:05:30-05:00

Online Threat Alerts (OTA)

7-Zip Archive (.7z) Malicious Email Attachments

Online users who have received unexpected email messages with attached files with names ending with ".7z" are asked not to open them. This is because the fake email messages are being sent by cyber criminals and the attachments are 7-Zip compressed archived files that contain malware, malicious programs or computer viruses. And, any attempt to open the malicious attachments will result in the recipients getting their computers infected with a virus, Trojan horse, spyware, ransomware or other malware.

Advertisements - Continue reading below

A Sample of a Malicious 7-Zip Archive (.7z) Email Message

Subject: Emailed Invoice - 107681:1

Date: Wed 30/08/2017 22:04

From: Nickolas Leonard

Attachment: I_107681-1.7z (3 KB)

As requested

regards

--

Nickolas Leonard

The 7-Zip compression is similar to ZIP which is the most popular file compression or archive formats.

Cyber criminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.

What is a 7-Zip file?

Files with the extension .7z are compressed archive files created with 7-Zip open source software. These files are created using a compression method called LZMA, which is an algorithm for lossless data compression—a type of compression known for reducing file size while preserving quality.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search engine. Search

Write your comment or view the ones below. +

Save

Was this article helpful?

Advertisements - Continue reading below

Comments, Answers, Reviews or Questions

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. Please keep conversations courteous and on-topic.

Comments (9)

February 12, 2020 at 7:05 AM by info

"Notice to appear in Court

COURT ORDER

Wed 2/12/2020 7:48 AM

From: Angela Marone - angelamarone@icj.com

Document_Court_Order.7z (15 KB)

- Notice to appear in Court #0368759073 -

You are requested to appear in court on Friday the 14th of Febraury 2020 at 10:00 AM.

Please, do not forget to bring all the documents related to this case. Herein attached are the Court Order and other documents pertaining to this case; including the court address and contact information.

FILE ID is: CASE#0368759073

Note: The case will be heard by the judge in your absence (if you do not attend) and the Court may issue an arrest warrant for your arrest. If a warrant is issued for your arrest, you may be held in custody until your brought before the Court .

Yours faithfully,

Angela Malone.

Clerk of Court."

Another malicious email.

December 27, 2017 at 11:10 PM by an anonymous user from: Quezon City, National Capital Region, Philippines

Hi! Just received one attachment via facebook messenger with a file as video_8095.mp4.7z as an attachment. The messenger app cannot view it but is seen from the browser. Is this also the same malware infected program? I am hesitant to open it.

December 28, 2017 at 9:43 PM by an anonymous user from: San Juan, National Capital Region, Philippines

Got also one today. Did't open it.

December 28, 2017 at 12:11 PM by an anonymous user from: Tacloban City, Eastern Visayas, Philippines

dont open it! mobile phone messenger cant open it since its not intended to ran on mobile phones, and just what the article said it will infect your pc.. so it is intended to harm your computer..

December 26, 2017 at 12:05 PM by an anonymous user from: Lecanto, Florida, United States

12/26/2017

Received similar .7z attachment email

Sender (Terrell@mail316.us3.mcdlv.net)

Attachment: CCE26122017_006144.7Z

Attachment naming scheme seems to be letters (CCE) followed by today's date (26122017) = 26-12-2017.

December 20, 2017 at 9:32 PM by info

Here is another scam:

"Voicemail from 01770405763 <01770405763> 2m 22s

Message From "01770405763" 01770405763

Created: Thu, 21 Dec 2017 07:54:00 0700

Duration: 2m 22s

Attachment: msg_21_12_01770405763-8442763.7z 2 KB"

September 29, 2017 at 11:34 AM by info

Here is another scam:

"Invoice

Fri 29/09/2017 11:30

From: "Roberto Kilner"

Attachment: 869572.7z

Hi,

Invoice attached for the Office365 account.

Regards

Roberto Kilner"

September 27, 2017 at 1:38 AM by info

Here is another scam:

"Subject: Invoice PIS3021721

Date: Tue 26/09/2017 23:25

From: AutoPosted PI Notifier

Attachment: InvoicePIS3021721.7z

Please find Invoice PIS3021721 attached."

September 3, 2017 at 8:15 PM by info

Received the following question via a Facebook message:

"Is the app 7 Zip itself malware?"

Answer:

No, 7-Zip is not a malware. It is a legitimate and free file compression format used to reduce the size of files.

But, cyber criminals are using it to store their malware in, to help prevent antivirus software from detecting them.

Advertisements - Continue reading below

Write Your Comment, Answer, Review or Question

Enter comment, answer, review or question.

Trending Now

Samsung Mobile Promo Draw Lottery Scam - Lottery - Donation

There is no "Samsung Mobile Promo Draw" lottery. Therefore, the email message below, which claims that the recipients are lucky winners of the Samsung Mobile Promo Draw, is a scam that is being sent by lottery scammers to their potential victims. Therefore, recipients of the fake email message should not respond to it or follow the instru ...

18,390
166

Whatsapp Scam - Wrong Number Fraudulent Messages - Scamming - Fraud

The "Whatsapp Wrong Number" scam is being used by scammers, who use automated chatbots to contact potential victims from random numbers to lure them into conversations and trick them into falling for their fraudulent activities. ...

12,277
6

McAfee Scam Email Cancellation Request - Scamming - Fraud

The McAfee scam email request cancellation below is just one of the many being sent by scammers to trick potential victims into contacting them. The fake invoice claims the recipients' subscription will be renewed automatically unless they turn it off in 24 hours. It then gives them a fake MacAfee customer service telephone number to call. The ...

Is ryml.me a Scam? Received Parcel SMS Text Message - Questions and Answers

I received the text below, which appears to have been sent from Royal Mail. The link in the text goes to the website ryml.me, which is owned by Royal Mail. But, I want to be sure that the text is not a scam. The text message came from telephone number 769256245. ...

13,339
10

PayPal Docusign Scam Email Doc - Scamming - Fraud

The fake Docusign email, which claims PayPal customer service sent the recipients a document to review and sign, is a scam. The Docusign email scam is being sent by scammers attempting to trick potential victims into clicking the link in it. The link goes to a fake and phishing PayPal website that steals account credentials, personal, or financial ...

8664466319 PayPal Scam and Fraudulent Email - Spamming - Adware

Scammers are using the telephone number 866-446-6319 to trick potential victims into contacting them. The scammers send out fake PayPal emails to potential victims claiming there is a fraudulent charge on their accounts and ask them to call the fake customer service telephone number for help. If contacted, the scammers will pretend to be PayPal cus ...

McAfee Scam Invoice and Fraudulent Messages - Scamming - Fraud

Scammers are sending McAfee scam invoices like the one below to potential victims. The scammers aim to frighten and trick their potential victims into calling the fake Mcafee customer or technical support telephone number in the email. Therefore, recipients of the fake McAfee are asked to delete it and should not call the fake McAfee technical supp ...

Check Your Web Browser for the SSLv3 POODLE Vulnerability or Exploit - Hacking - Cyber-attacks

The link to the test below will take a few seconds to determine if your web browser is vulnerable to the SSLv3 or POODLE exploit. Please note that JavaScript must be enabled in order for the test to work. Although SSLv3 (SSL version 3) is very old and was replaced with Transport Layer Security (TLS), it is still being widely used today. ...

3,509
0

"www.cnregistry.org.cn" - it is a Fake CN and ASIA Domain Name Registration Website - Scamming - Fraud

Domain name owners be aware of fraudulent Chinese domain name registration emails like the one below that came from the fake website "www.cnregistry.org.cn". The fraudulent email messages should not be responded to, especially with personal or financial information. And, the instructions in the same fraudulent email messages should not be ...

4,000
13

"Debt Collection Agency Garnishment Notification and Arrest Notice" Phishing Scam - Scamming - Fraud

The email messages below, which appear to have been sent by the Debt Collection Agency claiming legal actions will be taken against the recipients to recover balance due, legal fees and court cost that has incurred, are scams. The fake email messages are being sent by online scammers and not the legitimate Ace Law Office, to frighten and trick the ...

1,392
17

"FIFA Coca-Cola World Cup Online Lottery Award" Scam - Lottery - Donation

There is no "FIFA Coca-Cola World Cup Online Lottery Award". Therefore, recipients of a fake FIFA Coca-Cola World Cup lottery messages like the sample below, being sent by lottery scammers, which claim that they are winners, should delete the messages. They should also not follow the instructions in them. ...

1,239
7

Is The $750 Shein Gift Card a Scam? Flash Rewards System - Scamming - Fraud

It seems that the Flash Rewards system is a scam. They have promotional deals that you complete in order to get a gift card. The scam is, they say you must complete X number of deals in a specified timeframe (ie 20 days). It's fast to complete deals, but they don't credit you right away. It may take a week or more to get credited. And, you ...

41,834
10

Advertisements - Continue reading below

This Week's Most Popular

Moonton Account Scam Email Account Setting Modification

I got a Moonton email from donotreply@register-sc.moonton.com claiming someone tried to change my account settings and sent a verification code. The thing is, I do not have an account with any Moonton game. Is this some type of phishing Moonton scam or what? ...

8664466319 PayPal Scam and Fraudulent Email

Brushing Scam in a Red Package

I got a package from Amazon that I did not order. It was in a red box with a business card that had a QR CODE. I looked at my order history and I didn't see it and I knew I didn't buy it. I called Amazon and they said this is a SCAM and when you scan the QR code the scammers get access to everything in your phone. ...

Officer Schultz Scam Call - Press One for Concerned Department

Scammers are calling potential victims claiming to be Officer Sarah Schultz from a so-called legal department. The scammers claim their potential victims need to discuss their case and take action. Potential victims are then asked to press one in order to connect to a federal agent. ...

49,385
1,503

Is the MGM Data Settlement a Scam?

I just received the MGM Data Settlement email below. They are cutting me a check for $75. Easy money. Never had a problem with the breach, our data is always available these days unfortunately. You have to be diligent watching your accounts. ...

Samsung Mobile Promo Draw Lottery Scam

18,390
166

Is The $750 Shein Gift Card a Scam? Flash Rewards System

41,834
10

Economic Impact Payment Scam Text Messages

Please beware of "IRS $1,400 Economic Payment" scam texts. I got the $1,400 fraudulent rebate text message below. This clever scam aims to trick victims into handing over sensitive personal and financial information under the pretense of receiving Economic Impact Payment stimulus aid. ...

202 Area Code Scams and Calls

I have been getting a lot of 202 scam calls over the past few days. It seems scammers are using special technology to spoof the actual phone number of a government agency or call from ZIP code (202 for Washington, D.C., for example). This can trick some people into thinking the caller is from a valid source. ...

PayPal Docusign Scam Email Doc

McAfee Scam Invoice and Fraudulent Messages

Fastrak Lane Tolls Scam Text - Fine and License

The Fastrak Lane Tolls scam text message below, which claims you need to avoid a fine and keep your license, is being sent by online scammers. The text aims to frighten and trick potential victims into clicking the link in it. The link goes to a phishing website that steals personal and financial information, which will be used fraudulently by scam ...

Type Amen Facebook Posts for Help of Children, Adults or Animals

Beware of deceitful Facebook users who are posting pictures of sick, starving, dead and injured children, adults or animals on Facebook, to trick other Facebook users into commenting on them by typing "Amen," in order to make them popular. This type of activity is another Like-Farming scam, and the photos or videos in them are being used ...

6,914,953
1,017

Advertisements - Continue reading below