You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Trojan found in mail folder

Hello, I ran a BitDefender scan today and it detected a Trogan.PDF.Phishing.RD found in the Mail Attachment folder. I have deleted this file and do not remember ever opening this email nor downloading or opening the attached file. Should I be worried about being infected and needing to change passwords etc? I assumed that the mail app just automatically downloads emails and their attachments but I am not too sure. Some assurance would be fantastic, thankyou.

Posted on Mar 6, 2023 4:32 PM

Reply
Question marked as Top-ranking reply

Posted on Mar 7, 2023 10:51 AM

Generally the risk is low, and there's not enough info in your post to be certain, but the description implies you received a phishing email with an attached trojan.


The options are pretty much:


1) Mail.app does a pretty good job of filtering these mails into your Junk folder, so there's a chance you never saw the message in the first place, in which case you're fine - the trojan can't do anything unless you invoke it.


2) If you saw the message, it probably said something vague about you needing to 'open the attachment' for some 'important information'. If you saw the message and recognized it for what it was, and didn't open the attachment, you're also fine - again, the trojan can't do anything if you don't invoke it.

However, some of these emails are well written and you might have been tricked into opening the file thinking it was legitimate.


3) If you didn't recognize the message as junk, and did open the attachment, there is a chance something bad happened. However, most trojan attacks target Windows systems (they are generally easier to hack and there are more of them out there so have a higher chance of success). A lookup on that name implies it is a Windows-specific hack, in which case you have nothing to worry about (Windows viruses/trojans can't affect Macs). However, there are cross-platform attacks, including ones that take you to web sites that look like official sites such as banks, to trick you into giving up your account credentials.


So,


IF mail.app didn't filter the message to your junk folder

AND IF you saw the message

AND IF you read the message and didn't recognize it as junk

AND IF you opened the attachment

AND IF the attachment wasn't specific to Windows systems

AND IF you authenticated to either install some software, or login to some site


then there's a chance something bad happened.


If any of the above aren't true, then you're OK.


In any case, changing passwords is rarely a bad idea, but it won't help if the malware is already installed, or you've already given up your account credentials. Something about closing the stable door after the horse has bolted.

Similar questions

2 replies
Question marked as Top-ranking reply

Mar 7, 2023 10:51 AM in response to Kastl3

Generally the risk is low, and there's not enough info in your post to be certain, but the description implies you received a phishing email with an attached trojan.


The options are pretty much:


1) Mail.app does a pretty good job of filtering these mails into your Junk folder, so there's a chance you never saw the message in the first place, in which case you're fine - the trojan can't do anything unless you invoke it.


2) If you saw the message, it probably said something vague about you needing to 'open the attachment' for some 'important information'. If you saw the message and recognized it for what it was, and didn't open the attachment, you're also fine - again, the trojan can't do anything if you don't invoke it.

However, some of these emails are well written and you might have been tricked into opening the file thinking it was legitimate.


3) If you didn't recognize the message as junk, and did open the attachment, there is a chance something bad happened. However, most trojan attacks target Windows systems (they are generally easier to hack and there are more of them out there so have a higher chance of success). A lookup on that name implies it is a Windows-specific hack, in which case you have nothing to worry about (Windows viruses/trojans can't affect Macs). However, there are cross-platform attacks, including ones that take you to web sites that look like official sites such as banks, to trick you into giving up your account credentials.


So,


IF mail.app didn't filter the message to your junk folder

AND IF you saw the message

AND IF you read the message and didn't recognize it as junk

AND IF you opened the attachment

AND IF the attachment wasn't specific to Windows systems

AND IF you authenticated to either install some software, or login to some site


then there's a chance something bad happened.


If any of the above aren't true, then you're OK.


In any case, changing passwords is rarely a bad idea, but it won't help if the malware is already installed, or you've already given up your account credentials. Something about closing the stable door after the horse has bolted.

Trojan found in mail folder

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.