Search the Community
Showing results for tags 'phishing'.
Found 14 results
-
Hello! First time I posted, so hopefully it is in the right forum. Currently on Malwarebytes Premium Version 4.0.4.49 Update package version 1.0.18998 Component package version 1.0.804 I keep getting back to back pop-ups from Malwarebytes. Is this a False Positive? If so, why does it not like my OneDrive all of a sudden? The po-ups are: Thank you!
-
Hey people of Malwarebytes, So i loaded up my stream and kept getting popups (literally every 5 minutes) with malwarebytes is blocking streamlabs obs on an outgoing connection, i have noticed alot of other people are having this problem but i havent see anyone have it from streamlabs obs. apart from this i rarely have to report problems with malwarebytes are im happy with the product and will carry on paying for it for years to come Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/8/19 Protection Event Time: 5:20 PM Log File: 05b63156-024c-11ea-a767-f832e4bef60b.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.629 Update Package Version: 1.0.13241 License: Premium -System Information- OS: Windows 10 (Build 18362.418) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: s3-us-west-2.amazonaws.com IP Address: 52.218.237.152 Port: [60346] Type: Outbound File: C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (end)
-
Hi, For some weird reason our website is being blocked by malwarebytes. The site was attacked by hackers but that's a long time ago and we fixed and took proper actions to keep it secure. Screenshot and report attached. Please take necessary steps to unblock this. Thank You mbm_log.txt
-
Long story short, there is a massive phishing campaign going on assisted by fake news and the email contains some links such as these. I am here to report these, VirusTotal is unable to detect anything but the behavior is suspicious already. Save this Javascript, might be dangerous and relevant for the analysis, its obfuscated (came from the source code of one of the following links): https://api.b2c.com/api/init-607fc50a7q9gbqtx6p6.js The hyperlinked text in the email redirects to several URLs like these: http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc4/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFyuCvepFzO6Gi_7mTyxpEHBeobYfYuMKxKF30_nRv5kdBS5o8DWw7zWwaKHPicgJEbi2mIcO09HMayTwoan5hE1cmytgCJaAhI-l7ev-4o3mj7drBut5GMaWk_bdZMloV8tbO0p0IuS3g9LFpxs-MrZZXFvv1IUW9mIDinWMAisyKO0YxWWoDaYakLM-WjT6-28_oIzktSoIRFnqNi6mzOj05IBTsE4voYqZwAj-6-kW3WL2ZdHK1elojTfMIXhkIQ== http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc5/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFzPG-zH7Z8Axr6nl0B3NK8Oe7rrqH8l-9KF30_nRv5kdIFdJ4JByjkh0LDjb0_vYeMF5FrNsmjk0yCxHOQEea5D71LZ16xxHfU-jLNCm8kZ2NWSpuVhwfSZWa1u0svKt6VG3qmegcJmKUTqBQwYa1FGa-jt3plckiARUTd_iNt21hpVWCd3eWlnbNU1oow4p0wVzMEaYF6wgVH6Io0XoMus8whCpPOrU82IAxf9c_Kl7FxRBMDLJOe1zYKSDKyTEiq7jrk9JUCdWt9YwW13jtHo= Which come from a realistic phishing email, as shown: The final URL is: www.YahooDataBreachSettlement.com Notice yahoo.net rather than yahoo.com
-
We are producers and distributors of food ingridients & additivies on the market of Moldova. We had security issues with our website https://www.cedrus.md which were already dealt with, 6-7 months ago. The website was originally built on the Wordpress and containted unofficial plugins through which all the spam messages and viruses were comming. We have changed our host providers and have moved the website from wordpress to original CMS, as well as have undertaken additional security measures. At the moment it is fully clean. Even so, the malwbarbytes is detecting us as phising. https://www.virustotal.com/gui/url/46df2d0f22e6952355cd1be8616dfaf6f9ecdad4924206232b137d6cc124029a/detection https://www.cedrus.md I kindly ask you to exclude our domain from the black list, as it causes serious problems for our work and email interactions with our partners. As comfirmation of company legitimacy I am attaching our certificated of registration. Thanks in advance! Extras Cedrus.pdf
-
Hello, My site hxxps://about.simdif.com is being flagged as phishing. I have reviewed its code. It's seems clean to me. Google Transparency Reports also says that it is clean. Please help me identify the cause of the flag, so that I can fix my site. I attach for reference some screenshots and the text report generated from Malwarebytes Premium Trial. Best Regards Stefan Report.txt
-
What does Malwarebytes for Mac do, if anything, to protect against phishing? As we all know, that is the main threat vector and I want to put something on my mother's Macbook to protect her against some of the more clever phishing attempts as she is not very technically inclined. I didn't see anything on the product page that specifically referenced phishing protection...
-
Our site https://www.radio.bialystok.pl has been listed in MalwareBytes Chrome Extension Beta as "Website blocked due to phishing". This seems to be a false positive alert - could you, please, remove it from any URL-blocked lists it appears on. PS. It might be the case that third party (VirusTotal? DrWeb?) software scanner tools report some sites in regional domain: bialystok.pl as source of malicious software?
-
Hello everyone, I just read this article and got a little worried: https://www.howtogeek.com/fyi/bing-is-pushing-malware-when-you-search-for-chrome/ I have three quick questions that I hope someone could help me with: 1. If you actually run that phony installer, will it still act as the official installer? As in everything will act normally but you actually have a hidden malware in your Chrome? 2. If I installed Chrome a while ago, how can I check that my installation is genuine and not a fake Google Chrome? I don' have the installer anymore. 3. Would a Malwarebytes scan detect a bad installation? I ran a scan and it didn't find anything. Thank you and have an awesome day! -
Only recently, each time I use my computer, I'm getting constant alerts of infected webpages and phishing alerts--the alerts come in doubles--each instance of it happening has the same url for the infected webpage and phishing attempt, but the different instances can have slightly different urls. I've reported them to official sites, but am still having these constant alerts. I've had great help from this forum in times past, and truly appreciate any help you could offer as soon as possible. -
Hi! One of our websites is being blocked by malwarebytes premium. ============================================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/3/18 Protection Event Time: 11:14 AM Log File: 6e461640-af51-11e8-8c73-309c23056052.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6621 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: satworkscy.com IP Address: 181.214.31.79 Port: [51429] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) ======================================================================== I have checked on the server and all files are fine ... no phishing. Is it a false positive or I just did not check my website well enough??? Thank you in advance! Kind Regards, Adelin
-
I'm accustomed to report phishing URLs to ESET, Google, Netcraft, Microsoft, HPhosts forum and phishtank. Malwarebytes for Chrome blocks hxxp://phishing.eset.com/report/ita (safe to visit). I attached a screenshot. It is a false positive detection. Please fix it. Cheers
-
Hi there: Our web site (www.rosewill.com) was reported as phishing site on 25-02-2018 by Stefan, it is false positive. Please recheck our site and remove it from your black list, and let me know if you or someone found some suspicious pages, thanks. Linhsinlei
-
Malwarebytes reported several times that the website ia.801509.us.archive.org. This website URL is associated with phishing and was reported by Malwarebytes as malware. When running scans, the threat does not appear. I would like help in ridding my computer of the infection. The last log from the blocked site is shown in the attachment below. Sometimes it is logged as "malware" and sometimes classified as "unspecified". Thank you for your assistance.
