Attachments containing Zepto virus

A number of users have been targeted by emails containing attachments that infect computers with the Zepto virus.

These emails are very difficult to block as they don’t contain any virus content, the virus is only downloaded once the attachment is opened. Once opened the virus attacks drives on the users computer.

Currently Zepto emails are easy to spot and users at the University have received emails looking like this:

There are a few clues in this email that point to a scam:

1. In the subject line are the words ‘POTENTIALLY MALICIOUS’. This warning is added when a suspicious email is detected, you shouldn't even open the email. 

2. The email appears to have been sent by the recipient, essentially Zepto has spoofed the sender address.

3. The title of the email is numeric and has no meaning. 

These emails should be deleted and not opened. 


If the email is opened there are more clues it's a scam: 

1. The email is blank and has no signatory. 

2. The email has an attachment with a numeric title and no meaning. 

These emails should be deleted and not opened. 


If the attachment is opened there are further clues the email is the scam: 

1. When the document is opened the user is asked to enable Micros (don’t do this, don’t open it in the first place!)

The attachment should not be opened under any circumstances. It will infect your computer and compromise your data. 

If you receive a suspect email please report it to the Service Desk