Jump to content

Search the Community

Showing results for tags 'phishing'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Today I received an email from Max City LLc from Biscoe, NC with email arlindkola753@yahoo.com. I attached original from gmail and my PDF copy. I have not checked if Biscoe, NC really exists but I feel maybe others have received similar emails from other email and physical addresses. Invoice - 6415 malware bytes.pdf Invoice from Max city llc (6415) - gmail.pdf
  2. Malwarebytes, Someone is trying to impersonate you (see attached email converted to text). Thank goodness I looked closely at the sender's address. Let me know if you want to see the actual email, links and all. Best regards. Malwarebytes.zip
  3. Hi all, I'm new here, but I just received a scam email from 'Malwarebytes'. Got my blood running for a sec since it was a 'paid invoice' for over $500, until I did some quick checking to see it's BS and then noticed how crummy the logo is....JERKS!!! 😝 Anywho, thanks for letting me share and happy holidays to you all! [removed personal information from the image: AdvancedSetup] Mary
  4. Hello Malwarebytes team We are AEC SOLUTIONS ENGINEERS S.A.C. Registered with RUC number 20566284953. We have more than 7 years of experience in the field of engineering. We are currently located in Peru Google Maps address: https://cutt.ly/DRxACkp Our website is blacklisted for some reason and we feel it may be a false positive. We request that we be removed from your blacklist for being false positive due to phishing I add Google transparency report of our website https://transparencyreport.google.com/safe-browsing/search?url=aecsolutions.pe In the same way, we request an email to provide you with all our documentation as a company legally incorporated in Peru. (attached RUC Social Name file of our company) Greetings
  5. My site (xiclos.com) has been marked as phishing due to a breach caused by a defective Wordpress Plugin. Due to this, our Wordpress will be replaced soon by a new architecture (in approximately 10 days), however and as a temporary measure, I have cleaned the infection, changed all administrative password, reviewed permissions of plugins and updated all components. We'll follow the situation closely for it not to repeat before the new release.
  6. Received this email on 15-Jan-21. Looks like a phishing scam. See attachment. ============================================================================================================ Dear Customer! Your subscription for MalwareBytes Anti-Exploit Security has been renewed. INVOICE ID: 1501-MBS-12823
  7. You guys are blocking my website "due to phishing" but without any reason why. I just built a site under the subdomain to show a client and now I'm being flagged. Please remove it or direct me to a support phone number to talk with somebody. I'm posting here because I wasn't given an option to post under the "False Positive" subtopic in this forum. Thank you!
  8. Dear Supporters, good day, Yesterday we were informed by one of our clients that our e-Learning platform with URL: lms.benefit.gr has been blacklisted by your good software for Account Phishing purposes. As we believe that this action was taken by mistake we would really appreciate it if you could remove this Blocking rule so our clients can connect to our web platform with no issues. Below you will find my contact information for any further clarifications as long as a link to Google's Transparency Report which indicates that our website is safe for use. Google Transparency Report: https://transparencyreport.google.com/safe-browsing/search?url=lms.benefit.gr Your prompt actions on the matter will be highly appreciated. Best regards, Konstantinos D. Kanellopoulos | IT Dpt. Benefit Software Email: it@benefit.gr
  9. Why does Malwarebytes have such an awful redirect when using Chrome? I have no idea how to fix this issue. I tried to access the Canadian government website and Malwarebytes reports this as Phishing. Come on this is sad. Please fix this. My subscription is up for renewal in a few months. If I can't even use a basic government website, I don't see a reason to renew my subscription with you guys. Attached is the warning and the government website is below. Click on. :REQUEST A LIAISON OFFICER SERVICE and watch Malwarebytes deny all access. https://www.canada.ca/en/revenue-agency/programs/about-canada-revenue-agency-cra/compliance/liaison-officer-initiative-loi.html
  10. Hi, we have received notification that web.getgreenbadger.com and www.getgreenbadger.com are marked as phishing sites. This is a false positive. We are using https://letsencrypt.org/ for the SSL certificate. Please remove the false positive. Thx!
  11. Hello! First time I posted, so hopefully it is in the right forum. Currently on Malwarebytes Premium Version Update package version 1.0.18998 Component package version 1.0.804 I keep getting back to back pop-ups from Malwarebytes. Is this a False Positive? If so, why does it not like my OneDrive all of a sudden? The po-ups are: Thank you!
  12. Hey people of Malwarebytes, So i loaded up my stream and kept getting popups (literally every 5 minutes) with malwarebytes is blocking streamlabs obs on an outgoing connection, i have noticed alot of other people are having this problem but i havent see anyone have it from streamlabs obs. apart from this i rarely have to report problems with malwarebytes are im happy with the product and will carry on paying for it for years to come Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/8/19 Protection Event Time: 5:20 PM Log File: 05b63156-024c-11ea-a767-f832e4bef60b.json -Software Information- Version: Components Version: 1.0.629 Update Package Version: 1.0.13241 License: Premium -System Information- OS: Windows 10 (Build 18362.418) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: s3-us-west-2.amazonaws.com IP Address: Port: [60346] Type: Outbound File: C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (end)
  13. Hi, For some weird reason our website is being blocked by malwarebytes. The site was attacked by hackers but that's a long time ago and we fixed and took proper actions to keep it secure. Screenshot and report attached. Please take necessary steps to unblock this. Thank You mbm_log.txt
  14. Long story short, there is a massive phishing campaign going on assisted by fake news and the email contains some links such as these. I am here to report these, VirusTotal is unable to detect anything but the behavior is suspicious already. Save this Javascript, might be dangerous and relevant for the analysis, its obfuscated (came from the source code of one of the following links): https://api.b2c.com/api/init-607fc50a7q9gbqtx6p6.js The hyperlinked text in the email redirects to several URLs like these: http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc4/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFyuCvepFzO6Gi_7mTyxpEHBeobYfYuMKxKF30_nRv5kdBS5o8DWw7zWwaKHPicgJEbi2mIcO09HMayTwoan5hE1cmytgCJaAhI-l7ev-4o3mj7drBut5GMaWk_bdZMloV8tbO0p0IuS3g9LFpxs-MrZZXFvv1IUW9mIDinWMAisyKO0YxWWoDaYakLM-WjT6-28_oIzktSoIRFnqNi6mzOj05IBTsE4voYqZwAj-6-kW3WL2ZdHK1elojTfMIXhkIQ== http://service.comms.yahoo.net/T/v40000016d4bd6ef6d8f2bd6f4bbc782e8/d851160d7f5b444c0000021ef3a0bcc5/d851160d-7f5b-444c-9bac-3f9f9003f12a?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQFzPG-zH7Z8Axr6nl0B3NK8Oe7rrqH8l-9KF30_nRv5kdIFdJ4JByjkh0LDjb0_vYeMF5FrNsmjk0yCxHOQEea5D71LZ16xxHfU-jLNCm8kZ2NWSpuVhwfSZWa1u0svKt6VG3qmegcJmKUTqBQwYa1FGa-jt3plckiARUTd_iNt21hpVWCd3eWlnbNU1oow4p0wVzMEaYF6wgVH6Io0XoMus8whCpPOrU82IAxf9c_Kl7FxRBMDLJOe1zYKSDKyTEiq7jrk9JUCdWt9YwW13jtHo= Which come from a realistic phishing email, as shown: The final URL is: www.YahooDataBreachSettlement.com Notice yahoo.net rather than yahoo.com
  15. We are producers and distributors of food ingridients & additivies on the market of Moldova. We had security issues with our website https://www.cedrus.md which were already dealt with, 6-7 months ago. The website was originally built on the Wordpress and containted unofficial plugins through which all the spam messages and viruses were comming. We have changed our host providers and have moved the website from wordpress to original CMS, as well as have undertaken additional security measures. At the moment it is fully clean. Even so, the malwbarbytes is detecting us as phising. https://www.virustotal.com/gui/url/46df2d0f22e6952355cd1be8616dfaf6f9ecdad4924206232b137d6cc124029a/detection https://www.cedrus.md I kindly ask you to exclude our domain from the black list, as it causes serious problems for our work and email interactions with our partners. As comfirmation of company legitimacy I am attaching our certificated of registration. Thanks in advance! Extras Cedrus.pdf
  16. Hello, My site hxxps://about.simdif.com is being flagged as phishing. I have reviewed its code. It's seems clean to me. Google Transparency Reports also says that it is clean. Please help me identify the cause of the flag, so that I can fix my site. I attach for reference some screenshots and the text report generated from Malwarebytes Premium Trial. Best Regards Stefan Report.txt
  17. What does Malwarebytes for Mac do, if anything, to protect against phishing? As we all know, that is the main threat vector and I want to put something on my mother's Macbook to protect her against some of the more clever phishing attempts as she is not very technically inclined. I didn't see anything on the product page that specifically referenced phishing protection...
  18. Our site https://www.radio.bialystok.pl has been listed in MalwareBytes Chrome Extension Beta as "Website blocked due to phishing". This seems to be a false positive alert - could you, please, remove it from any URL-blocked lists it appears on. PS. It might be the case that third party (VirusTotal? DrWeb?) software scanner tools report some sites in regional domain: bialystok.pl as source of malicious software?
  19. Hello everyone, I just read this article and got a little worried: https://www.howtogeek.com/fyi/bing-is-pushing-malware-when-you-search-for-chrome/ I have three quick questions that I hope someone could help me with: 1. If you actually run that phony installer, will it still act as the official installer? As in everything will act normally but you actually have a hidden malware in your Chrome? 2. If I installed Chrome a while ago, how can I check that my installation is genuine and not a fake Google Chrome? I don' have the installer anymore. 3. Would a Malwarebytes scan detect a bad installation? I ran a scan and it didn't find anything. Thank you and have an awesome day!
  20. Only recently, each time I use my computer, I'm getting constant alerts of infected webpages and phishing alerts--the alerts come in doubles--each instance of it happening has the same url for the infected webpage and phishing attempt, but the different instances can have slightly different urls. I've reported them to official sites, but am still having these constant alerts. I've had great help from this forum in times past, and truly appreciate any help you could offer as soon as possible.
  21. Hi! One of our websites is being blocked by malwarebytes premium. ============================================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/3/18 Protection Event Time: 11:14 AM Log File: 6e461640-af51-11e8-8c73-309c23056052.json -Software Information- Version: Components Version: 1.0.421 Update Package Version: 1.0.6621 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: satworkscy.com IP Address: Port: [51429] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) ======================================================================== I have checked on the server and all files are fine ... no phishing. Is it a false positive or I just did not check my website well enough??? Thank you in advance! Kind Regards, Adelin
  22. I'm accustomed to report phishing URLs to ESET, Google, Netcraft, Microsoft, HPhosts forum and phishtank. Malwarebytes for Chrome blocks hxxp://phishing.eset.com/report/ita (safe to visit). I attached a screenshot. It is a false positive detection. Please fix it. Cheers
  23. Hi there: Our web site (www.rosewill.com) was reported as phishing site on 25-02-2018 by Stefan, it is false positive. Please recheck our site and remove it from your black list, and let me know if you or someone found some suspicious pages, thanks. Linhsinlei
  24. Malwarebytes reported several times that the website ia.801509.us.archive.org. This website URL is associated with phishing and was reported by Malwarebytes as malware. When running scans, the threat does not appear. I would like help in ridding my computer of the infection. The last log from the blocked site is shown in the attachment below. Sometimes it is logged as "malware" and sometimes classified as "unspecified". Thank you for your assistance.
  25. Hi, This morning we had an employee open a phishing email and subsequently open one of the two attachments that came with it. When they opened it nothing appeared to happen, so far as they could tell, but they got in touch with us here in the IT department as it seemed odd to them. As soon as we saw the email we could see that it had flags all over it. Anyway we have ran scans and been in touch with our email spam filter guys and they came back to us saying that it was phishing for credentials and possibly more. The laptop is now disconnected from any network and all logins have been changed that the end user would have used. What can we do now in this situation as we ran it through virustotal.com and it showed as not being caught by anything and also only appearing today? Any help you can bring to us here would be very much appreciated.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.