Malware attachment scam
Quick answer
A scammer sends an attachment that installs malware to steal data or control your device.
- Delete the message; verify with the sender through a known contact if needed.
What it is
A scammer sends an attachment that installs malware to steal data or control your device.
How it works
An email or message includes a file (invoice, CV, photo, or app) that runs harmful code when opened or enabled.
Red flags to watch for
- Unexpected attachments
- Files that ask you to 'enable content' or 'enable macros'
- App installers (.apk/.exe) from messages
- Mismatched sender
Example
An email attaches an 'invoice' and asks you to enable content to view it. This is risky because enabling content can run malware.
What not to do
- Do not open unexpected attachments
- Do not enable macros
- Do not install apps from messages
The safe next step
Delete the message; verify with the sender through a known contact if needed.
Often seen on: Email, WhatsApp, SMS.
Commonly targets: Anyone, Businesses.
How to verify safely
- Do not use links, phone numbers, QR codes, or email addresses from the suspicious message.
- Open the official app or website yourself - type the address manually.
- Call a contact you have saved, or the number printed on your bank card.
- If you are threatened or in immediate danger, contact local emergency services or police.
How to report it
Report to your IT team or national cybercrime authority.
Find official links for your country in the scam reporting directory.
Got a message like this?
Check it now to see the specific red flags and what to do next.
Check a messageRelated scam types
Frequently asked questions
What is a malware attachment scam?
A scammer sends an attachment that installs malware to steal data or control your device.
How can I avoid a malware attachment scam?
Delete the message; verify with the sender through a known contact if needed.
What should I do if I have already been affected?
Contact your bank or the relevant provider through official channels, change any exposed passwords from a trusted device, and save evidence. See our recovery guides, and be wary of recovery scams that promise to get your money back for a fee.