If you do open the archive (just to look), check the files inside. If you see a .exe , .scr , .vbs , or .js file inside a RAR named after random numbers, that is a massive red flag.
Many malicious RARs are password-protected (often the password is "1234" or "password"). This is a tactic used to prevent antivirus software from "seeing" what's inside the archive. 4. Technical Breakdown of This Naming Pattern
A numeric name looks like a boring system temp file that a casual user might ignore.
