Jump to content
Mark_Albrosco

Email with link to blocked site

Recommended Posts

Note: this topic was originally posted in Home > Research Center > Newest IP or URL Threats and moved to this forum as suggested by David H. Lipman

Malwarebytes Cloud Protection reported a blocked website for one of my users.

Investigation revealed that the user did not browse to the site, but an email received from a supplier contact when opened in the preview pane of Outlook Web Access immediately results in a series of popups from Malwarebytes Endpoint Protection as below:

image.png.d75f668d02283196b0b59a1f40ebe23a.png

I checked the URL using

 virustotal.com 

and the results were as follows:

image.png.42f470262546ace04d670bb6d8a27ecb.png

I've attached a zip file containing the email - I'd like it to be analyzed so that I can report what is causing the email to attempt to make an outbound connection. I also intend to contact our supplier and alert them to this issue, so that they can take appropriate action

The following was also reported by Malwarebytes Endpoint Protection in relation to this item

image.png.e95a5ba0ec6495bb9dcf1019585a17b9.png

Email-CrossBrowser-blocked.zip

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.