David H. Lipman

Experts
  • Posts

    20,838
  • Joined

  • Days Won

    244

Everything posted by David H. Lipman

  1. I can check the RAW email in .EML format for you. It will contain the Full Header and Body of the email in raw format. The headers can be used to verify who sent the email and the path the email took to get to you. If that same .EML file represents the email with the HTML file, I can then check that HTML. You can send me a Personal Message (PM) with the RAW email in .EML format contained within a ZIP, RAR or 7zip archive as a PM attachment. I WILL keep your information PRIVATE. How you extract that .EML format file is dependent upon the email system you use and if you use Webmail or an Email Client like Thunderbird. Since so many use GMail, here are the instructions to extract that .EML format file from GMail. How to Save a Gmail Message as an EML File
  2. I moved the thread to General Chat as it really isn't about the MAC version of Malwarebytes. The proper way to send encrypted email would be for you to have a Personal Certificate. You would then Digitally Sign an email and send it to xXcompanyXx. Once they receive that email the recipient has your certificate and they can then send you the encrypted email by using your certificate. I have sent thousands of Signed Emails but only a small percentage were encrypted. Usually because the email contained PII or sensitive/proprietary company information. The vast majority of people won't get a Personal Certificate for the purpose of non-repudiation and to Sign/Encrypt Email. Some companies like financial institutions may circumvent this by sending the recipient an email with a Link that goes to a Trusted Server that hosts the PII or sensitive/proprietary information. However I do not know of a legitimate process that involves the sending of a HTML file. Since HTML can use obfuscation and JavaScript it is a risky format and even a legitimate email with a HTML file may get flagged as spam or blocked by Spam and Content Filters. What I have seen is numerous HTML files that are sent in email as a Phish. Either the email has the HTML as an attachment or the email has a link to a 3rd party web site that would download the HTML file. They can be quite crafty and can even HiJack the Microsoft OAuth login progress. I am not familiar with the processes in the YouTube videos which seem arcane. Malwarebytes software does not target scripted malware and HTML is a type of script so even if it was malicious, MBAM would not "detect" it. Avira does, and may detect a malicious HTML file. But not always if it is a Zero Day file and it may take time before Avira may flag a detection on a malicious HTML file. A better process is to upload the HTML file to Virus Total and see what a consensus of participating vendors may detect.
But, not initially if it is a Zero Day file and it may take time for detections to show on Virus Total. To me, the process you describe is suspect as it parallels malicious activity. Thus requiring corroboration and vetting. For me the general rules of email security come into play here. Are you expecting an email from xXcompanyXx? If Yes, were you expecting an attachment in said email? If No, call xXcompanyXx and verify if they indeed sent that email and the attachment and ask about its intentions and what to expect and why do you have to go through that process. All of the above is conjecture. The actual email in RAW .EML format and the associated attachment can help determine if the email is real or if it was a Phish.
  3. You are indicating that a Mobile Device geared Variant URL is the issue?
  4. @brad03 was having a similar problem in Post ID:1556437. In an exchange of PMs we had issues on it. I suspect it's a temporary forum'ware glitch that self corrects in time.
  5. Dealing with the Internet Service Provider can be a real hassle indeed. I think we all have had "issues" with our own at one time or another. Thanx for sharing your story.
  6. When you subscribe, you may receive an email of any new breaches that email, that you used to subscribe with, may be associated with. The knowledge here is key.
       • That there was a Breach in which you were involved with and was identified with the email address
       • the need of a change of a password and it being replaced with a Strong Password
       • the knowledge that the information may be used in a scam such as an email based Blackmail scheme [1]
       • The knowledge the issue of Breaches is ongoing and you must be prepared to handle past, present and future events.
     Passwords must be unique and not used amongst multiple sites.
     [1]
       • US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
       • US FTC Consumer Information - How to avoid a Bitcoin blackmail scam
       • Bitcoin - Bitcoin Abuse Database
       • BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
       • Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
       • Malwarebytes Forum sample thread - Got strange threating email.
       • Malwarebytes Forum FYI thread - FYI: Email Blackmail Scam still current
  7. Pertains to the ascertainment of sensitive Personally Identifiable Information (PII)
  8. You quoted me before I corrected my mistake.
  9. I would have to defer to someone more familiar with cellular devices as I do not use any. My limited knowledge presumes that the devices they talk about do not support the higher speeds of 5G but limits their access to 4G networks and associated speeds.
  10. They can be obtained from an Internet Service Provider like Verizon or from 3rd party companies like TravelWiFi. They can be rented monthly or can have a Lease agreement that can last 3 years. The reputation would be tied to the service it is rented from. Like a Smart Phone or Cell Phone, its capability in accessing the Internet is the ability to secure access to a Cellular Tower and their so-called Network Coverage. Yes. These devices do provide a mini protected area in which one can connect in a sea of unsecured WiFi HotSpots. It is Private. It is your private network not unlike your home network behind your Router. As noted in the thread you read from Oct 11~12 2022, a Smart Phone can also create a similar service. The Smart Phone connects to the Cellular Network and is used to create a Private WiFi HotSpot. EDIT: References: https://frontier.com/resources/what-is-mobile-hotspot https://www.gearpatrol.com/tech/a555121/best-mobile-hotspots/ https://www.digitaltrends.com/mobile/what-you-need-to-know-about-portable-wifi-hotspot/
  11. How Apple and Amazon Security Flaws Led to My Epic Hacking The fallacy of the use of Single Sign-On between different companies. Don't do it - Resist. Keep your accounts compartmentalized and not "linked".
  12. T-Mobile was compromised. Since 2018 they have been compromised 5 times. Don't use their services.
  13. FTC Sues to Stop Interconnected Web of VoIP Service Providers Carrying Robocalls Pitching Phony Debt Relief Services
  14. New FTC Data Show Consumers Reported Losing Nearly $8.8 Billion to Scams in 2022
  15. As a file associated application, the MS Office user may not use OneNote. However it is still part of the MS Office suite and OneNote is still available to open the file associated with OneNote. That does not mean "... that the user doesn't even have to click or open something for it to run on the system."
  16. OneNote is the MS Office application. Files associated with this application have the file extension of .ONE and these can be used maliciously just like MS Word .DOC/.DOCx and Excel .XLS/.XLSx files. Documents that are used in a malicious fashion are referred to as maldocs (malicious documents). All the .ONE maldocs I have seen require interaction by the victim and I believe the articles indicate that as well, and choosing or clicking on something is interaction by the user/victim.
  17. It's bundled with GoogleToolbar. That's probably where the detection comes from. It is not malicious per se. It is junk that comes along with the WinZIP Self-Extracting installer. It should ask if you want to install the bundled crap. Just don't.
  18. https://www.virustotal.com/gui/file/cbf2464bd41b47b89be41427aab9b3fd3433f34a2f128d416d36565ddebdf60f/detection