Skip to content

Beware That “Safe” Attachment

Recently, “my bank” sent me an email with a notice about my account.  Being a security conscious IT guy, I was WellsFargo99.999% sure that no bank would ever send an email with a .html attachment. After updating Norton and Malwarebytes,  I got clean scans of the attachment from both.  Even though all the links in the email were to Wells Fargo, I was certain that the attachment had malicious intent, and uploaded it to Virus Total, and 1 of the 57 online scanners, 56 gave a green check mark, and 1 correctly said Heuristics.Phishing.Email.SpoofedDomain.

scanresultsHad the attachment been a virus or trojan, the detection rate may have been much higher.  Regardless, be careful.  Don’t think that your security software will protect you from willy-nilly clicking on attachments, because it may not. I have had other instances of attached trojans getting clean scans.  Only after I uploaded them to my security software vendor did they analyze and update their software to detect and remove them. It’s dangerous out there.


Posted in Information Security, Privacy, Technology.

Tagged with , , .

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Some HTML is OK

or, reply to this post via trackback.