Search the Community
Showing results for tags 'phishing'.
Found 15 results
-
Hey people of Malwarebytes, So i loaded up my stream and kept getting popups (literally every 5 minutes) with malwarebytes is blocking streamlabs obs on an outgoing connection, i have noticed alot of other people are having this problem but i havent see anyone have it from streamlabs obs. apart from this i rarely have to report problems with malwarebytes are im happy with the product and will carry on paying for it for years to come Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/8/19 Protection Event Time: 5:20 PM Log File: 05b63156-024c-11ea-a767-f832e4bef60b.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.629 Update Package Version: 1.0.13241 License: Premium -System Information- OS: Windows 10 (Build 18362.418) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: s3-us-west-2.amazonaws.com IP Address: 52.218.237.152 Port: [60346] Type: Outbound File: C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (end)
-
Hi, For some weird reason our website is being blocked by malwarebytes. The site was attacked by hackers but that's a long time ago and we fixed and took proper actions to keep it secure. Screenshot and report attached. Please take necessary steps to unblock this. Thank You mbm_log.txt
-
Long story short, there is a massive phishing campaign going on assisted by fake news and the email contains some links such as these. I am here to report these, VirusTotal is unable to detect anything but the behavior is suspicious already. Save this Javascript, might be dangerous and relevant for the analysis, its obfuscated (came from the source code of one of the following links): https://api.b2c.com/api/init-607fc50a7q9gbqtx6p6.js The hyperlinked text in the email redirects to several URLs like these: http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc4/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFyuCvepFzO6Gi_7mTyxpEHBeobYfYuMKxKF30_nRv5kdBS5o8DWw7zWwaKHPicgJEbi2mIcO09HMayTwoan5hE1cmytgCJaAhI-l7ev-4o3mj7drBut5GMaWk_bdZMloV8tbO0p0IuS3g9LFpxs-MrZZXFvv1IUW9mIDinWMAisyKO0YxWWoDaYakLM-WjT6-28_oIzktSoIRFnqNi6mzOj05IBTsE4voYqZwAj-6-kW3WL2ZdHK1elojTfMIXhkIQ== http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc5/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFzPG-zH7Z8Axr6nl0B3NK8Oe7rrqH8l-9KF30_nRv5kdIFdJ4JByjkh0LDjb0_vYeMF5FrNsmjk0yCxHOQEea5D71LZ16xxHfU-jLNCm8kZ2NWSpuVhwfSZWa1u0svKt6VG3qmegcJmKUTqBQwYa1FGa-jt3plckiARUTd_iNt21hpVWCd3eWlnbNU1oow4p0wVzMEaYF6wgVH6Io0XoMus8whCpPOrU82IAxf9c_Kl7FxRBMDLJOe1zYKSDKyTEiq7jrk9JUCdWt9YwW13jtHo= Which come from a realistic phishing email, as shown: The final URL is: www.YahooDataBreachSettlement.com Notice yahoo.net rather than yahoo.com
-
We are producers and distributors of food ingridients & additivies on the market of Moldova. We had security issues with our website https://www.cedrus.md which were already dealt with, 6-7 months ago. The website was originally built on the Wordpress and containted unofficial plugins through which all the spam messages and viruses were comming. We have changed our host providers and have moved the website from wordpress to original CMS, as well as have undertaken additional security measures. At the moment it is fully clean. Even so, the malwbarbytes is detecting us as phising. https://www.virustotal.com/gui/url/46df2d0f22e6952355cd1be8616dfaf6f9ecdad4924206232b137d6cc124029a/detection https://www.cedrus.md I kindly ask you to exclude our domain from the black list, as it causes serious problems for our work and email interactions with our partners. As comfirmation of company legitimacy I am attaching our certificated of registration. Thanks in advance! Extras Cedrus.pdf
-
Hello, My site hxxps://about.simdif.com is being flagged as phishing. I have reviewed its code. It's seems clean to me. Google Transparency Reports also says that it is clean. Please help me identify the cause of the flag, so that I can fix my site. I attach for reference some screenshots and the text report generated from Malwarebytes Premium Trial. Best Regards Stefan Report.txt
-
What does Malwarebytes for Mac do, if anything, to protect against phishing? As we all know, that is the main threat vector and I want to put something on my mother's Macbook to protect her against some of the more clever phishing attempts as she is not very technically inclined. I didn't see anything on the product page that specifically referenced phishing protection...
-
Our site https://www.radio.bialystok.pl has been listed in MalwareBytes Chrome Extension Beta as "Website blocked due to phishing". This seems to be a false positive alert - could you, please, remove it from any URL-blocked lists it appears on. PS. It might be the case that third party (VirusTotal? DrWeb?) software scanner tools report some sites in regional domain: bialystok.pl as source of malicious software?
-
Hello everyone, I just read this article and got a little worried: https://www.howtogeek.com/fyi/bing-is-pushing-malware-when-you-search-for-chrome/ I have three quick questions that I hope someone could help me with: 1. If you actually run that phony installer, will it still act as the official installer? As in everything will act normally but you actually have a hidden malware in your Chrome? 2. If I installed Chrome a while ago, how can I check that my installation is genuine and not a fake Google Chrome? I don' have the installer anymore. 3. Would a Malwarebytes scan detect a bad installation? I ran a scan and it didn't find anything. Thank you and have an awesome day! -
Only recently, each time I use my computer, I'm getting constant alerts of infected webpages and phishing alerts--the alerts come in doubles--each instance of it happening has the same url for the infected webpage and phishing attempt, but the different instances can have slightly different urls. I've reported them to official sites, but am still having these constant alerts. I've had great help from this forum in times past, and truly appreciate any help you could offer as soon as possible. -
Hi! One of our websites is being blocked by malwarebytes premium. ============================================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/3/18 Protection Event Time: 11:14 AM Log File: 6e461640-af51-11e8-8c73-309c23056052.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6621 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: satworkscy.com IP Address: 181.214.31.79 Port: [51429] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) ======================================================================== I have checked on the server and all files are fine ... no phishing. Is it a false positive or I just did not check my website well enough??? Thank you in advance! Kind Regards, Adelin
-
I'm accustomed to report phishing URLs to ESET, Google, Netcraft, Microsoft, HPhosts forum and phishtank. Malwarebytes for Chrome blocks hxxp://phishing.eset.com/report/ita (safe to visit). I attached a screenshot. It is a false positive detection. Please fix it. Cheers
-
Hi there: Our web site (www.rosewill.com) was reported as phishing site on 25-02-2018 by Stefan, it is false positive. Please recheck our site and remove it from your black list, and let me know if you or someone found some suspicious pages, thanks. Linhsinlei
-
Malwarebytes reported several times that the website ia.801509.us.archive.org. This website URL is associated with phishing and was reported by Malwarebytes as malware. When running scans, the threat does not appear. I would like help in ridding my computer of the infection. The last log from the blocked site is shown in the attachment below. Sometimes it is logged as "malware" and sometimes classified as "unspecified". Thank you for your assistance.
-
Hi, This morning we had an employee open a phishing email and subsequently open one of the two attachments that came with it. When they opened it nothing appeared to happen, so far as they could tell, but they got in touch with us here in the IT department as it seemed odd to them. As soon as we saw the email we could see that it had flags all over it. Anyway we have ran scans and been in touch with our email spam filter guys and they came back to us saying that it was phishing for credentials and possibly more. The laptop is now disconnected from any network and all logins have been changed that the end user would have used. What can we do now in this situation as we ran it through virustotal.com and it showed as not being caught by anything and also only appearing today? Any help you can bring to us here would be very much appreciated. -
Please help me remove malware from www.allofmyinterest.com
