David H. Lipman

Experts
  • Content Count

    15,937
  • Joined

  • Days Won

    1

Everything posted by David H. Lipman

  1. On the far chance this could be based upon Ads targeted through advertiser Cookies, try to use the following services to Opt-Out of Interest Based Advertising and Targeted Advertising. http://www.networkadvertising.org/choices/ http://www.aboutads.info/choices/
  2. Notifications are disabled yet I received a "Threat Watch" notification for a Sodinokibi Ransomware. How does one Disable the receipt of "Threat Watch" notifications?
  3. That explains the detection of "Riskware.ExtensionMismatch", the contents of the file being a PE while the file extension was JPG.
  4. You won't get an email; you'll get a list of sites IFF the email address you entered was part of a known breach. I just gave the site one of my email addresses and I was provided the following... You can sign up for email notifications for the email address you provide if it is found in any subsequent NEW breaches. For example, I received an email last week about the Evite Breach that email address was associated with.
  5. https://haveibeenpwned.com/ is a reputable, non-malicious, white hat web site by Microsoft MVP Troy Hunt. Reference: https://haveibeenpwned.com/About https://mvp.microsoft.com/en-us/PublicProfile/4031649
  6. You submitted a URL on howtoremove.guide for analysis. The site is not a malicious site that will cause malware to be installed on your PC just by visiting it. The site does have an agenda but not to "infect" the visitor. https://howtoremove.guide/remove-drive-by-exploit-email/ The purpose of howtoremove.guide is not to provide information. It is a shill site created to obtain affiliate revenue for the web site owner by referring visitors to SpyHunter software. It is not an authoritative site and what it provides is incomplete and misinformation hoping you will be referred to use SpyHunter. This is Social Engineering to lend credulity to the email blackmail scam so you'd be more likely to pay the blackmail fee. So there are Two Social Engineering processes to discuss here. Email blackmail scams use a password or some verbiage to make you have fear and trepidation to induce the victim to pay the blackmail fee to not release reported private data. There are sites that are created to be the destination of common Google, Bing, Ask and other associated search topics to provide faulty or misinformation to goad someone to use or buy a product or for a service.
  7. Malvertising doesn't really intend to infect. Rather it is a set of ploys used in Social Engineering to influence the visitor for various reasons. The subsequent actions by a user may lead to infection such as with a Malvertisement pushing a Fake Java, Flash, Firefox or other software update. If a site is blocked, the connection is not made and the communication is stopped and thus "blocked". For example if the Malvertisement intent was to tell you your PC is infected and you should call a Phone Number, you would not be presented with that content. Another example would be if a Malvertisement's intent was to tell you there is a Firefox update, you would not see that content either. Another case would be a URL of a known malvertiser being blocked. Visiting that kind of redirection URL multiple times may push a myriad of Malvertisement types, different each time it is visited. By blocking that kind of site, you are not confronted with those kinds of malicious or fraudulent sites the malvertiser may redirect your Browser to. In short, the Malwarebytes "blocking" of those sites short-circuits their attempts.
  8. Additionally, @rundwald you can enter your email address(es) in the following site and it will check to see if your email address was part of a known breach. https://haveibeenpwned.com/ Some additional authoritative reports on the email blackmail scheme. ----------------- US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims US FTC Consumer Information - How to avoid a Bitcoin blackmail scam MyOnlinesecurity - attempted-blackmail-scam-watching-porn BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites Malwarebytes' Blog - Sextortion emails: They’re probably not watching you Malwarebytes Forum sample thread - Got strange threating email. Malwarebytes Forum FYI thread - FYI: Email Ransom Scam still current
  9. Any questions or is there anything else ?
  10. I have created a series¹ of videos generated from these kinds of fraud sites for the purposes of recognition and education. They are all videos from real web sites. ALL are FRAUDS. All these have one thing in common and they have nothing to do with any software on your PC. They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened. From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds. MalwareScam.wmv MalwareScam-1.wmv MalwareScam-2.wmv MalwareScam-3.wmv MalwareScam-4.wmv MalwareScam-5.wmv MalwareScam-6.wmv I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf / Flash Version They are all a kind of malicious advertisement ( aka; malvertisement ). Using Task Manager and Killing the; Edge, IExplorer, Chrome, Firefox, etc, processes is very effective once you are affected by these FakeAlerts. Right now, to block it means Malwarebytes needs to know the URL to block. If you can provide the URL it can be added to the list for Malwarebytes sites to block. Submissions of suspect and malicious URLs can be performed in; Newest IP or URL Threats after reading; READ ME: Purpose of this forum Malwarebytes is creating Beta versions of Browser Add-Ins for Chrome and Firefox to deal with FakeAlerts and other frauds. But as noted, they are still Beta versions.
Browser Add-On references: Malwarebytes Browser Extension for Chrome (Beta) Malwarebytes Browser Extension for Firefox (beta) Reference: US FBI PSA - Tech Support Fraud US FTC Consumer Information - Tech Support Scams US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams Malwarebytes' Blog - Search on - "tech support scams" Malwarebytes' Blog - "Tech support scams: help and resource page" ¹ Also located at "My Online Security" - Some videos of typical tech support scams
  11. You don't have to reboot. Not for this. Like I said, it is not active.
  12. No. It is best to leave as-is. As noted it is a special OS construct. If the Recycle Bin shows empty, perhaps MBAM has already moved the item into Quarantine. If you still have that report, go ahead and choose "Quarantine Selected".
  13. The "F:" drive is the " Toshiba hard drive " you indicated you scanned. The Recycle Bin will be an Icon on your Desktop <=== This shows it has items in the Recycle Bin. This shows I have emptied it ==> https://support.microsoft.com/en-us/help/15057/windows-show-hide-recycle-bin Once it is on the Windows Desktop, Right-Click on the Recycle Bin icon and choose "Empty Recycle Bin"
  14. Yes. The Recycle Bin is not a folder that is viewable in Windows Explorer. It is a "Special" OS Construct.
  15. Connect Drive "F:" and yes, you can quarantine it or you can empty the "F:" recycle bin.
  16. It is not active, it is a file in the Recycle Bin. Empty the Recycle Bin and it's gone.
  17. Yes, and he came to a faux conclusion and he made a baseless claim.
  18. Please request a checkout in the Mac Malware Removal Help & Support sub-forum to ease your mind. I see that you now have done so.
  19. OK - Request a checkout in the Mac Malware Removal Help & Support sub-forum. NOTE: This thread was originally posted in Newest Malware Threats which is a Windows malware file submission sub-forum and was moved here to General Chat. Thus a presumption of Windows was made.