Clicked atch in spoofed emails, MalwareBytes Premium scan OK. What Next?

[Dave_247]

First time posting. Received two e-mails with attachments from our neighborhood's HOA property management company, it was a known person.  When I opened the attached e-mail, I clicked on the link to open PDF, wouldn't connect, said broken link, but the URL went to a strange entity so I stopped. Confirmed with the management company that their employee's account had been compromised and was sending e-mails to us, so the e-mails were definitely bogus. Scanned with MalwareBytes premium daily for the past 4 days and it is clean every time.  Not seeing anything different in laptop's operation but am concerned about personal and financial information. What else should I be doing/running to determine if there was embedded malware, or is there anything I should upload for review?

Thank you! 

Dave

[Porthos]

2 hours ago, Dave_247 said:

is there anything I should upload for review?

Zip and attach the actual PDF. Or the link you clicked.

Please post suspect and/or malicious URLs safely by using Code Tags.

 

 

Edited April 24 by Porthos

[Porthos]

40 minutes ago, Dave_247 said:

Am just afraid that something may have executed in the background and installed malware, as the same e-mails were reportedly sent to nearly a hundred people in our neighborhood.

Thank you very much, we really appreciate your advice on the matter!

Is this the "error" you saw?

I don't think you "got" anything. I asked someone to look at the emails to chime in as well.

Edited April 24 by Porthos

[Porthos]

@Dave_247 I removed the post with the attachments and forwarded them for someone to look at.

[Dave_247]

In response to your question Is this the "error" you saw?

Sorry, I didn't do a screen capture, but it was a different screen that also returned the message, "This link has been removed."  The PDF link appeared to point to someone's SharePoint account at a place/company I didn't recognize:

 

https://huntingtonoakmont-my.sharepoint.com/:b:/g/personal/cmariotti_oakmontcommunities_com/EV4_s2Ucn1JNvUZ0rDUn95MB93EbdtAPMl8aYvdDDDnjLg?e=oamMg1

 

Edited April 25 by AdvancedSetup
Disabled hyperlinks

[David H. Lipman]

What looks like it would have been a Phish, has been taken down.

When posting malicious, suspicious and/or nefarious URLs, please place them in Code Tags such that they are not posted as "clickable" Live Links.

 

[Dave_247]

Thank you very much for your insight and advice, we really appreciate it!!

Dave

[David H. Lipman]

Since it was most likely a Phish, merely "clicking" on the URL will not infect your PC.  It is a Social Engineering ploy to get you provide credentials like to email or at a Bank.  Thus, unless you reached the content and provided your credentials, I wouldn't worry about this.

Example:   Microsoft Phish