I received a strange email claiming that I started a membership at a local fitness club, which I definitely didn't. The email included two PDF attachments: one was open and the other required a password, supposedly my phone number. I was suspicious and checked them with Virus Total and Any.Run, and both said they were safe. I thought it might be a benefit related to a company I recently joined, so I tried the password, but my number didn't work. I realized I had received similar emails from this address about a year ago, but ignored them as potential spam at the time because they didn't include any attachments. Should I be concerned about this email? Could it contain malware, and what might the attackers want?
1 Answer
It's possible you could be at risk. There have been instances where malicious payloads are included in emails with password-protected files, which can execute without needing the password first. If you're using an updated version of your software, you might be okay, but it wouldn’t hurt to run a full scan or consider a reinstall just to be safe. You can check out this link for more info: https://security.stackexchange.com/questions/279107/if-i-try-to-open-a-pdf-that-is-password-protected-inside-an-email-can-i-harm-my
I'm currently running a full Windows Defender scan. So far, nothing suspicious has come up. Do you think a reinstall is really necessary?