Phishing Alert: Fake Email Claiming to be Secure Message Entices Users to Open Harmful ZIP Attachment

Tuesday, April 16, 2013

Computing Services and Systems Development (CSSD) is responding to another email phishing scam being received by members of the University community. The email claims that you have received a secure message and must view it by opening the attached zip file with the password provided in the email.

The zip file contains harmful software. Do not open it. Phishing scammers have recently been using encrypted zip files to deliver malicious files via email because it helps bypass anti-virus programs that scan zip files.

If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the emails. The following is a sample of the recent fraudulent email:

* * * * * * * * * * * * * * * * SAMPLE * * * * * * * * * * * * * * *
Subject: Fiserv Secure Email Notification - 43IV8BULYZZZZZZ
From: Fiserv Secure Notification
You have received a secure message

Read your secure message by opening the attachment,

The attached file contains the encrypted message that you have received.

To decrypt the message use the following password - CaUv4Z761mA

To read the encrypted message, complete the following steps:

- Double-click the encrypted message file attachment to download the file to your computer.
- Select whether to open the file or save it to your hard drive. Opening the file displays the attachment in a new browser window.
- The message is password-protected, enter your password to open it.

To access from a mobile device, forward this message to mobile@addressremoved to receive a mobile login URL.

If you have concerns about the validity of this message, please contact the sender directly. For questions about secure e-mail encryption service, please contact technical support at 555.555.5555.

2000-2013 Fiserv Secure Systems, Inc. All rights reserved.

* * * * * * * * * * * * * * END SAMPLE* * * * * * * * * * * * * *

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. Symantec Endpoint Protection can be downloaded at no cost through the Software Download Service at My Pitt (

Get Help