Phishing Alert: Fake Wells Fargo Email Attempts to Entice Users to Open Harmful ZIP Attachment

Tuesday, June 18, 2013

Computing Services and Systems Development (CSSD) is responding to another email phishing scam being received by members of the University community. This email claims to be from Wells Fargo and asks readers to open the attached zip file.

The zip file contains harmful software. Do not open it. Phishing scammers have recently been using encrypted zip files to deliver malicious files via email, because it helps bypass anti-virus programs that scan zip files.

If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the emails. The following is a sample of the recent fraudulent email:

* * * * * * * * * * * * * * * * SAMPLE * * * * * * * * * * * * * * *

Subject: IMPORTANT Documents - WellsFargo

Please check attached documents.

Wells Fargo Advisors
817-555-5555 office
555-555-5555 cell


To unsubscribe from marketing e-mails from:

  • An individual Wells Fargo Advisors financial advisor: Reply to one of his/her e-mails and type "Unsubscribe" in the subject line.
  • Wells Fargo and its affiliates: Unsubscribe at (URLremoved).

Neither of these actions will affect delivery of important service messages regarding your accounts that we may need to send you or preferences you may have previously set for other e-mail services.

For additional information regarding our electronic communication policies, visit (URLremoved).

Investments in securities and insurance products are:

Wells Fargo Advisors, LLC is a nonbank affiliate of Wells Fargo & Company, Member FINRA/SIPC. 1 North Jefferson, St. Louis, MO 63103

CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.

* * * * * * * * * * * * * * END SAMPLE* * * * * * * * * * * * * *

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. Symantec Endpoint Protection can be downloaded at no cost through the Software Download Service at My Pitt (

Get Help