Beware! Malicious Europcar invoice emails spread Trojan horse attack

SophosLabs has intercepted many emails today, attempting to infect Windows computers via an email purporting to be an invoice from a car rental company.

The emails, which pretend to come from Europcar, have a ZIP file attached which contains a malicious payload.

Malicious Europcar email

Subject: Europcar Invoice [random number]
Attached file: EuropCar

Message body:
Please find your Invoice attached.
This is an automated message, please do not reply to this email.
Should you require further information, please contact Europcar UK Customer Services by emailing to
Best Regards,
Europcar UK Ltd
Car hire with great rental deals, holiday offers, and discount UK car rentals.
Europcar UK make car hire quick and easy.
For latest offers and promotions please visit us at:

Sophos products are detecting the attached file, “EuropCar”, as Troj/Invo-Zip.

Of course, the emails don’t really come from Europcar – the cybercriminals behind the attack have simply forged the sender’s email address.

Car rental. Image from ShutterstockOf course, even if you haven’t hired a rental car you might still be concerend that your credit card might have been stung, and open the ZIP file without thinking of the possible consequences.

Once infected, remote hackers can take control of your computer – potentially using it to spam out other attacks or to steal information from you.

Make sure that your anti-virus defences are up-to-date and always be suspicious of unsolicited emails that try to lure you into opening attachments. It could be a ploy by a hacker to hijack your computer.

Car rental image from Shutterstock.