David H. Lipman

Everything posted by David H. Lipman

  1. You submitted a URL on howtoremove.guide for analysis. The site is not a malicious site that will cause malware to be installed on your PC just by visiting it. The site does have an agenda but not to "infect" the visitor. https://howtoremove.guide/remove-drive-by-exploit-email/ The purpose of howtoremove.guide is not to provide information. It is a shill site created to obtain affiliate revenue for the web site owner by referring visitors to SpyHunter software. It is not an authoritative site and what it provides is incomplete and misinformation hoping you will be referred to use SpyHunter. This is Social Engineering to lend credulity to the email blackmail scam so you'd be more likely to pay the blackmail fee. So there are Two Social Engineering processes to discuss here. Email blackmail scams use a password or some verbiage to make you have fear and trepidation to induce the victim to pay the blackmail fee to not release reported private data. There are sites that are created to be the destination of common Google, Bing, Ask and other associated search topics to provide faulty or misinformation to goad someone to use or buy a product or for a service.
  2. Malvertising doesn't really intend to infect. Rather it is a set of ploys used in Social Engineering to influence the visitor for various reasons. The subsequent actions by a user may lead to infection such as with a Malvertisement pushing a Fake Java, Flash, Firefox or other software update. If a site is blocked, the connection is not made and the communication is stopped and thus "blocked". For example if the Malvertisement intent was to tell you your PC is infected and you should call a Phone Number, you would not be presented with that content. Another example would be if a Malvertisement's intent was to tell you there is a Firefox update, you would not see that content either. Another case would be a URL of a known malvertiser being blocked. Visiting that kind of redirection URL multiple times may push a myriad of Malvertisement types, different each time it is visited. By blocking that kind of site, you are not confronted with those kinds of malicious or fraudulent sites the malvertiser may redirect your Browser to. In short, the Malwarebytes "blocking" of those sites short-circuits their attempts.
  3. Additionally, @rundwald you can enter your email address(es) in the following site and it will check to see if your email address was part of a known breach. https://haveibeenpwned.com/

     Some additional authoritative reports on the email blackmail scheme.
     -----------------
     • US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
     • US FTC Consumer Information - How to avoid a Bitcoin blackmail scam
     • MyOnlinesecurity - attempted-blackmail-scam-watching-porn
     • BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
     • Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
     • Malwarebytes Forum sample thread - Got strange threating email.
     • Malwarebytes Forum FYI thread - FYI: Email Ransom Scam still current
  4. Any questions or is there anything else?
  5. I have created a ¹series of videos generated from these kinds of fraud sites for the purposes of recognition and education. They are all videos from real web sites. ALL are FRAUDS. All these have one thing in common and they have nothing to do with any software on your PC. They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened. From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds.

     MalwareScam.wmv MalwareScam-1.wmv MalwareScam-2.wmv MalwareScam-3.wmv MalwareScam-4.wmv MalwareScam-5.wmv MalwareScam-6.wmv

     I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf / Flash Version

     They are all a kind of malicious advertisement ( aka; malvertisement ).

     Using Task Manager and Killing the; Edge, IExplorer, Chrome, Firefox, etc, processes is very effective once you are affected by these FakeAlerts.

     Right now, to block it means Malwarebytes needs to know the URL to block. If you can provide the URL it can be added to the list for Malwarebytes sites to block.

     Submissions of suspect and malicious URLs can be performed in; Newest IP or URL Threats after reading; READ ME: Purpose of this forum

     Malwarebytes is creating Beta versions of Browser Add-Ins for Chrome and Firefox to deal with FakeAlerts and other frauds. But as noted, they are still Beta versions.

     Browser Add-On references:
     • Malwarebytes Browser Extension for Chrome (Beta)
     • Malwarebytes Browser Extension for Firefox (beta)

     Reference:
     • US FBI PSA - Tech Support Fraud
     • US FTC Consumer Information - Tech Support Scams
     • US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio
     • US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams
     • Malwarebytes' Blog - Search on - "tech support scams"
     • Malwarebytes' Blog - "Tech support scams: help and resource page"

     ¹ Also located at "My Online Security" - Some videos of typical tech support scams
  6. You don't have to reboot. Not for this. Like I said, it is not active.
  7. No. It is best to leave as-is. As noted it is a special OS construct. If the Recycle Bin shows empty, perhaps MBAM has already moved the item into Quarantine. If you still have that report, go ahead and choose "Quarantine Selected".
  8. The "F:" drive is the " Toshiba hard drive " you indicated you scanned. The Recycle Bin will be an Icon on your Desktop <=== This shows it has items in the Recycle Bin. This shows I have emptied it ==> https://support.microsoft.com/en-us/help/15057/windows-show-hide-recycle-bin Once it is on the Windows Desktop, Right-Click on the Recycle Bin icon and choose "Empty Recycle Bin"
  9. Yes. The Recycle Bin is not a folder that is viewable in Windows Explorer. It is a "Special" OS Construct.
  10. Connect Drive "F:" and yes, you can quarantine it or you can empty the "F:" recycle bin.
  11. It is not active, it is a file in the Recycle Bin. Empty the Recycle Bin and it's gone.
  12. Yes, and he came to a faux conclusion and he made a baseless claim.
  13. Please request a checkout in the Mac Malware Removal Help & Support sub-forum to ease your mind. I see that you now have done so.
  14. OK - Request a checkout in the Mac Malware Removal Help & Support sub-forum. NOTE: This thread was originally posted in Newest Malware Threats which is a Windows malware file submission sub-forum and was moved here to General Chat. Thus a presumption of Windows was made.
  15. It means you will read; I'm infected - What do I do now? and follow the procedures to create specific LOG files. You then create a new post in; Windows Malware Removal Help & Support and request assistance. A Forum Malware Removal Helper will Pop your post off the queue and parse those LOG files and assist you in the determination if there is indeed malware on your PC and if there is, help you to remove it.
  16. Yes. I do not interpret LOGs as I am more of a researcher than a Forum malware removal helper. By creating a new post, a Forum Helper will pop the unanswered post off the queue and help you along the process.
  17. If you still think you may be infected then please read; I'm infected - What do I do now? and create a new post in; Windows Malware Removal Help & Support and request that you would like to have your PC checked out for assurance.
  18. You did not answer my question. Is your email similar to those in this thread... FYI: Email Ransom Scam still current

     howtoremove.guide is a shill site. The Internet is chock full of shill sites such as the above. In this case it is designed to give limited or misinformation and is created for the purpose of referring people to Enigma software and obtain affiliate revenue.

     This is purely a scam and they send those emails out en masse hoping one or two bite at the bait. Just delete the email and then change your email password to a new Strong Password just to make sure.

     Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach. Being a part of a breach is how they obtain people's passwords and use them to lend credulity to the scam. https://haveibeenpwned.com/

     Please reference:
     -----------------
     • US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
     • US FTC Consumer Information - How to avoid a Bitcoin blackmail scam
     • MyOnlinesecurity - attempted-blackmail-scam-watching-porn
     • BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
     • Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
     • Malwarebytes Forum sample thread - Got strange threating email.
     • Malwarebytes Forum FYI thread - FYI: Email Ransom Scam still current
  19. You indicated... "...and emailed me confirmation it knows one of my passwords ..." Please read the following thread and example emails. Is your email similar to those in this thread... FYI: Email Ransom Scam still current
  20. Due to the fact you are unsure, then I urge you to read; I'm infected - What do I do now? and make a post in; Windows Malware Removal Help & Support and request that you would like to have your PC checked out for assurance and reference this thread.
  21. I have requested you read those authoritative references. They come from here at Malwarebytes, the US FTC and FBI, Bleeping Computers and MyOnlinesecurity. I asked you to use Critical Thought and compare the text of your email vs. the text of similar email scams. I have explained about Mail Merge and how a mass email can be sent "personalized" with a password of your own making and I have provided a link to a site, https://haveibeenpwned.com/ , where one can check if they were part of a breach and how that personal password was obtained. If you still think this information in the email is true then you do have a high probability of being an easy mark. The fact that you are here, and still questioning it, shows promise. Please read those References I have provided and do compare the text of the email with the subject matter within each reference. Then I urge you to read; I'm infected - What do I do now? and make a post in; Windows Malware Removal Help & Support and request that you would like to have your PC checked out for assurance and reference this thread.