Do not open Fake Emails with Zip file attached

Hi,

That is a fake email and that download contains some Zipfile. which i think trying to hack.

Envato would never suggest them contacting you in that case. Totally fake

I think so but I was just trying to make sure.

Hi,

Yes, it is a hacking attempt.
I got this message from 5 different “customers” today. Exact same text, none of them are real customers.

The js files contain some obfuscated WScript code which basically attempts to download a malicious file and execute it on your system.

Stay away from it and you should be fine.

P.S. If anyone cares to investigate further, the executable is being downloaded from: [link removed]

3 Likes

We just got 4 emails, exactly the same.

got same message. already reported envato!

1 Like

Please do not download any files from that email.

those has 2 js file which may download viruse in your pc.

More information about WScript which used in those JS

WScript is an object that is defined when the Javascript is run within the Windows Script Host, aka WSH. The object is not available within the Javascript engine in a web browser. If you are really trying to produce “batch like” files, then you don’t need a browser, and I’d say you probably don’t want a browser.

Got the same kind of email today

I got also this email. I downloaded the file, what should I do? I’m using mac.

No. issues. just delete those files…

1 Like

Thanks.

It’s fake and dangerous!

I recieved that message from kidbyxicom1980.

I realized the file name at the last moment before clicking the file: “paypal-screenshots.jpg.js”. If my file extension settings were set as “hidden”, it’s possible that, I would have opened it.

Many developers with “file-extension: close” setting may confuse.

Don’t open them.

1 Like

Got the same email.

We just got 4 emails, exactly the same. Please do not open / click any links or files.

Unfortunately I just opened the zip folder as well as js file,Is there will be any problem for that? what security action should I take?I have already change my password. Again a lots of author get this type mail, envato should take action regarding this.

Hi,

If you are using Mac / windows 10 then no issues. just delete the file and move on with your work.

If not then run some virus scan

2 Likes

I too got the same email. Thank god first I opened his profile to see whether he purchased one of my item or not and found he did not purchase so I just neglected the email. But the question is how all of the authors were emailed at once? Is there any glitch in Envato site itself?

It’s not a glitch

A user is sending all the emails or that user just wrote some script to email authors

I downloaded the file on mobile. And later changed my password. Am I safe?