Beware! Malicious Europcar invoice emails spread Trojan horse attack

Graham Cluley
Graham Cluley
@[email protected]

SophosLabs has intercepted many emails today, attempting to infect Windows computers via an email purporting to be an invoice from a car rental company.

The emails, which pretend to come from Europcar, have a ZIP file attached which contains a malicious payload.

Malicious Europcar email

Subject: Europcar Invoice [random number]
Attached file: EuropCar

Sign up to our free newsletter.
Security news, advice, and tips.

Message body:
Please find your Invoice attached.
This is an automated message, please do not reply to this email.
Should you require further information, please contact Europcar UK Customer Services by emailing to [email protected]
<mailto:[email protected]>.
Best Regards,
Europcar UK Ltd
Car hire with great rental deals, holiday offers, and discount UK car rentals.
Europcar UK make car hire quick and easy.
For latest offers and promotions please visit us at:

Sophos products are detecting the attached file, “EuropCar”, as Troj/Invo-Zip.

Of course, the emails don’t really come from Europcar – the cybercriminals behind the attack have simply forged the sender’s email address.

Car rental. Image from ShutterstockOf course, even if you haven’t hired a rental car you might still be concerend that your credit card might have been stung, and open the ZIP file without thinking of the possible consequences.

Once infected, remote hackers can take control of your computer – potentially using it to spam out other attacks or to steal information from you.

Make sure that your anti-virus defences are up-to-date and always be suspicious of unsolicited emails that try to lure you into opening attachments. It could be a ploy by a hacker to hijack your computer.

Car rental image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.