This crafty email scam smuggles malware behind .zipx files

(Image credit: Shutterstock / rupadaratan)

Researchers have identified a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with malware.

As described in a blog post from security firm Trustwave, cybercriminals are abusing file compression techniques to smuggle NanoCore malware into inboxes.

By concealing the malicious executable within a .zipx file, the scam operators improve their chances of circumventing security protections. The .zipx file is also dressed up as a PDF, complete with an Adobe Acrobat icon, in a bid to trick the victim into opening the attachment without thinking twice.

Here's our list of the best malware removal software available
Check out our rundown of the best firewalls right now
We've built a list of the best endpoint protection on the market

Once the .zipx file is unpacked by the recipient, using archive utilities WinRAR or 7zip (interestingly, WinZip fails to extract the executable), the remote access trojan (RAT) infects the device and relays any stolen data to command and control servers.

.zipx email scam

Although the scammers have gone to extreme lengths to conceal the malicious email attachment, the rest of the scam lacks the same level of sophistication.

The sender poses as a purchasing manager in urgent need of services, presumably in an attempt to prey on businesses struggling to survive under the strain of the pandemic. However, the email itself has all the hallmarks of malspam.

There are multiple errors of spelling and grammar, the sentence structure is awkward and the message is addressed to “Sir/Madam” as opposed to a specific recipient. As with many phishing and malspam campaigns, the opportunity offered up by the sender is also too good to be true.

In other words, the email gives the recipient every opportunity to identify the message as a fake.

As ever, to protect against email-based attacks of this kind, users are advised never to download unsolicited attachments from unknown sources, to scrutinize emails for errors that might betray a scam and to protect their machines with a leading antivirus solution.

Here's our list of the best ransomware protection services right now

TOPICS

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest

Dell XPS 14 and Alienware m16 on purple background with don't miss text overlay

The Dell Black Friday sale is one of the best I've seen: here are 9 deals I'd recommend

See more latest ►

.zipx email scam

Are you a pro? Subscribe to our newsletter

Most Popular