|Zip files by themselves are not harmful or dangerous. However, they have been used by malicious individuals to obscure harmful files.
Here are some steps you can take to help protect yourself from viruses, trojans, and other malware that may be distributed in Zip files:
System Protection and Updates
- WinZip Computing recommends that all WinZip users upgrade to the latest version of WinZip, because it contains important security related fixes and enhancements.
- It is very important to have a good anti-virus program installed on your computer. We recommend that you configure your anti-virus program to scan all files that you work with in real time. Most virus scanners can also be configured to scan email as it arrives and quarantine infected messages. We also recommend that you enable this option. Also, because new viruses are discovered almost daily, be sure to keep your anti-virus program up-to-date. Most anti-virus programs have an automatic update facility that can help with this.
- Consider also installing an application to prevent and clean out malware and spyware, such as WinZip Malware Protector.
- You should also use Microsoft's Windows Update feature to be sure that you have Microsoft's latest fixes for your version of Windows. Windows Update also has an automatic update facility that can help keep you up to date.
- To be sure that you find out about new WinZip updates or maintenance releases, sign up for the WinZip mailing list.
Know Your Source
- Never open a Zip file that is attached to email from an unknown source.
- If an unexpected Zip file is attached to email from someone you know, consider verifying with the sender that the attachment is legitimate. Some viruses spread by emailing copies of themselves to everyone in the contact lists of infected computers; this means that you can receive infected files even from people you know.
- Avoid downloading Zip files from untrusted web sites.
Of course, these guidelines don't apply only to Zip files; they apply equally to any file type.
Disable Hidden File Name Extensions
All current versions of Windows are initially installed with an option called "Hide extensions for known file types" enabled. When this option is enabled, Windows will not display the file name extensions (.EXE, .DOC, etc.) for file types that it knows about.
This option is considered by many knowledgeable users to be dangerous, primarily because it can mislead you about the true nature of your files. For example, you might have a virus-infected file named "vacation.jpg.exe". If the hidden extension option is enabled, this file will appear on your desktop or in Windows Explorer as "vacation.jpg", leading you to think that it is a harmless vacation picture. In fact, it is an executable program, and opening it could infect your computer.
For information on how to disable hidden extensions, see How to configure Windows to show file extensions and hidden files.
If you have any questions about this information please email Technical Support.