I got an email from "DHL-delivery.com" informing me that a package I had sent back in June had been misaddressed and I needed to send in the correct address. The incorrect form was in a zip file and I was supposed to correct it.
Unfortunately, that was a real possibility. Fortunately, I checked the website and found that it was an undeveloped quickie with name only thrown up on a free MS webhosting site.
I scanned the zip file using both Malwarebytes and Norton. Both found it was clean. Well, no way was I going to open it. So I uploaded it to the Symantec security site.
A few hours later I got my response. It was indeed a high security threat, containing a new trojan. The signature file against it has already been put together and I suppose it is being delivered as I speak -- but in case it isn't, it is available via the Intelligent Updater; and you now know the form of delivery.
And, yes, when I scanned it now, it was detected and cleaned.
I think Symantec can be proud of how fast it responded in this instance.