JS/Phish virus

Similar Messages

• I keep getting a js/phish virus detdection on my compute how can I get rid of it?

  My new windows8 computer came with norton 360 but I did not think it would get rid of virus' for me so I got AVG and now about once a day AVG tells me that I have a Js/phish virus and it says its from norton how do I get rid of norton to stop getting this virus?

  It is probably not a good idea to have two sets of anti Virus program. (I am assuming Norton includes AV).
  You probably need to check with Norton about removal of software. Security software is not always straight-forward to remove, otherwise it could be ineffective.
  This may be applicable
  * https://support.norton.com/sp/en/uk/home/current/solutions/kb20080710133834EN_EndUserProfile_en_us

• I have some sort of phishing virus on my iPad or iMac. I inadvertently opened an attachment and I am now seeing odd emails being sent to my address book?

  I opened an attachment on my iPad email which I believe now was a phishing virus. I am now send sending random emails to my address book. I also have a pop email account on my iMac and have been advised to upgrade my op system to mountain lion and download virusbarrier app.bot sure what to do on my opadvor on which device the virus is?

  There is no malware involved here.
  First, there is no malware of any kind that will work on an iPad, unless that iPad has been jailbroken. So you can open attachements willy-nilly on an iPad without fear of infection, because the iPad strictly disallows any executable code to run unless it has come directly from the App Store.
  So, what's probably going on is that your e-mail account has been hacked. This could have happened if you got a phishing e-mail (phishing is not the same as a virus) and fell for it, by clicking a link and then providing your e-mail account login credentials at the resulting page. Or it could be a completely isolated event, unrelated to anything you have done. (Though if you used a weak password, that would certainly increase the chances of getting hacked.) You should change the e-mail password ASAP.
  For more information, see Someone is sending messages from my e-mail address!

• How do I manually remove an installed program (possible fishing Virus)?

  So I downloaded an app from this site but I can't seem to find it, is it possible that I've contracted a phishing virus, if so what are the steps i should take to remove it?
  http://mac.softpedia.com/progViewOpinions/Cheat-Engine-91967,.html

  What's that thing, Cheat Engine 5.6.1 for Mac?
  Did you just download it or did you actually install the package?
  The package installer looks like this when it opens:
  The spelling errors alone are sort of entertaining.
  Clicking Read License results in no action. Since I am unwilling to consent to something I cannot read, I hit Disagree and that was that.
  The next step will ask for your user name and password, after which it will do... what? Who knows, but no right-minded person should acquiesce to unknown modifications of a computer, unless it's already running Windows, in which case it's already messed up and this sort of behaviour is normal.
  If you didn't actually install it, just forget you ever saw this thing and get on with your life. No harm done.

• Auto create Whitelist

  Can the C160 be configured to automatically add an email address that is being sent by one of our users? 
  I can see where I can manually add an address to an incoming mail policy but I would like to have it automatically happen each time we send out a message.                  

  I assume that you are talking about a list of sender email addresses in an incoming mail policy? There is no way that I know of to automatically add an address to the list of recipient addresses. You would have to have some sort of external process looking at logs and then script the addition on the CLI (expect).
  If you wanted to do that it would probably be easier to add them to an LDAP directory and configure an incoming mail policy to use ldap. It seems like you are looking for an automated whitelist which is an idea that has proven to be a huge security hole.
  Just a couple (of many) issues that I can think of:
  1) Your appliance can & should reject a lot of messages based on IP rather than just mail-from.
  2) It would be very hard to not add typos that people send to as well as emails sent based on auto-responders. I am thinking of out-of-office messages. (The list would get huge very quickly)
  3) If I knew or suspected that you had this set up you are asking for trouble. It would not be hard to predict an email that your userbase might have sent to, or use an auto-responder to get whatever I wanted added and then leverage that to send you spam/phishing/viruses.
  Recommendation: Focus on blocking by IP Reputation as much as possible. If you are seeing a high number of false positives being blocked then there are ways to solve that without the holes that an automated whitelisting brings.

• IronPort PlugIn for Outlook .enc files?

  We have started to roll out the IronPort plugin for Outlook for both Encryption and SPAM reporting.  On the SPAM reporting side I do see the e-mails that are getting reported but the e-mails are formatted differently.   I am guessing that the original e-mail being reported is now in the .enc attachment?  Is there any way that I can view these so that I can see what kind of e-mail is being reported by my users?  In the past I would check in on this from time to time and see if there were any mass e-mails that were getting through that I needed to create a custom filter for, now with these .enc files I'm not sure I can do that anymore.
  I'll post one of the .enc files here in a bit.
  Jason

  So I can confirm that the new 7.4 Outlook plugin, feature does work to submit spam/phish/virus as plaintext. Basically you just need to set (ignore the attachment name option):
  <report>
          <format>plain</format>
          <subject>Cisco Email Security Plug-in Report (${reportType})</subject>
   </report>
  Also for those upgrading to 7.4, be sure to manually upgrade yourself first, and set all your configurations using the BCE_config file first. Then follow the admin document for deploying the config file mass. The 7.3 and older config files will not work with the new plugin.
  This configuration is only recommended if you will be checking report submissions or using some form of Phishing education solution and want to exclude these e-mails from actual submission. Here is a good outline how I implemented it. If anyone is interested I can probably do a quick video demonstration while it's all fresh in my mind and post it here.
  1. Create one or more Quarantines (either on your central SMA or individual ESA/Ironport):
      Example: Reported_TestPhish (delete after a period of time), Reported_Spam, Reported_Phish, Reported_Virus, Reported_Ham, Microsoft_Junk
  2. create a Outgoing Mail filter that matches a header in your Test Emails so you can capturing them. 
      Example Match Content in Attachment: X-TEST(replace with your header) and if you use the Microsoft Report Junk Plugin, you should also use the condition to match the same text inside the mail body. Then point the action to Quarantine to your Report_TestPhish where after a period of time it will be deleted. I choose to use Quarantines rather then sending e-mails via notifications, but you could do this as well, for example if your Email Education provider can use the e-mail to track which employees reported the test e-mails for you.
  3. Create individual Outgoing filters using the recipient email address to dump it into the right Quarantine. This will allow you to to not only Quarantine and view the messages, but also will add to your reporting. You can choose to use fewer Quarantines and filters to bundle together to fit your requirements.
  4. Rather then adding these filters to your default policy, I suggest creating a new Outgoing Mail Policy called Report_Email (using the recipient email addresses). I then disable some of the policies such as DLP, A/V, and so on as needed and only apply the new filters we just created. 
  Hope this was useful for someone out there.

• Adobe send now

  This used to be so much better, but now I really struggle with this.
  1.     The default message "I have shared some files with you. Please click on the link to view and download them" so looks like SPAM/phishing/virus email.  If I got this message, I would automatically delete the email!
  2.     Changing the default message is really difficult.  Its just a single line. No matter how many sentences etc... I keep trying to make it look like it IS NOT a SPAM/phishing/virus, by pressing enter at the end of a sentence.  But all this does is CANCEL the whole thing so I have to start again.
  I waste sooooooooooooooo  much time just trying to send something securely and if I do it quickly (I thought that was the point of using it), it just looks like I am sending a SPAM/phishing/virus.
  So now I am here winging about it in an attempt of someone who could doing something about it actually reading this.
  Anyone any ideas?

  Hi there,
  I'm sorry to hear you're having trouble with Adobe Send. It sounds like you're trying to send a personalized link to a file; as long as you have the "Personalized Link" box checked, you should be able to enter an email address and then edit the subject and text of the email to say whatever you like. Here's what that looks like:
  Please note that sending personalized links requires a subscription to Adobe Send. If you don't have a subscription, you can still share documents, you just have to use the "Public Link" option. 
  Let me know if you need any assistance here; I'm happy to help out however I can.
  Best,
  Rebecca

• NetProtectPlus - unable to download

  Over the last week my laptop has been hit by a phishing virus which hijacks my eBay access - get a web page asking for bank etc details before I can access. Obviously a scam.
  As BT Option 3 customer I have BtNetprotectPlus installed, but now find it will not run - either from the desktop shorcut icon or directly from the exe file - so I cannot virus check.
  Have accessed the BT Site to re-download/re-run. but when I press download button McAfee interecepts and posts a page saying the site is suspect.  When I press OK (NOT recommended by McAfee!) I am just returned to my home page (Google).
  I have checked the Firewal settings as I am aware that there have been issues there - but under Windows Firewall it say "These settings are being managed by vendor application MAfee Personal Firewall"
  Can anyone advise me how I can download BTNP?
  Solved!
  Go to Solution.

  Good news! System Restore has improved immensely since it's introduction (Windows 2000 I think) and can be used freely any time something remotely suspicious occurs. Setting a restore point immediately before you download something you're not 100% sure about can save an amount of recovery if you decide to remove it. The shortcut at Option 1 here makes it a doddle for Windows 7 users, though it can take a minute to do its stuff. 
  You can click the white star next to this message if you think it was helpful.

• I clicked on a link from an email that may be spam/phishing.  How can I scan my mac book pro for any viruses?

  I clicked on a link in an email that may be spam/phishing.  How can I scan my mac book pro for viruses?

  You can just download the free ClamXav and scan your entire drive - but as there are no known viruses for OS X (although there is malware - see Thomas Reed's excellent Mac Malware Guide) it's very unlikely that you have a virus.
  The best source against malware is OS X itself and common sense. Don't click on links in suspicious emails and be careful of anything that wants to install something on your computer that is not from a reputable source.
  Clinton

• I received a phishing email supposedly from my bank and clicked on url - didn't enter any data though.Bank says to get ipad checked for viruses,but I understood ipad has built in security.I've cleared cookies in safari via settings.  Anything else to do?

  I received a phishing email supposedly from my bank and clicked on url - didn't enter any data though.Bank says to get ipad checked for viruses,but I understood ipad has built in security.I've cleared cookies in safari via settings.  Anything else to do?

  I know this has been solved as you reported, but I think you need to check with your e-mail provider. Did you also get this same e-mail on your computer? If you use the same ID for e-mail on computer and ipad, it should have appeared on both. It's very common spam. Check your computer to see if on it, the e-mail is in spam, or, if you deleted it on your ipad, check your recently deleted e-mails.
  You might want to consider changing your password, though people sending spam, don't need it. My e-mail provider had me change my password, not because I was getting spam, but unknown to me, I was sending it!  (You'll still get some spam, though.) It's when you learn that you're unknowingly sending spam...that you must change your password.
  Hope this helps.
  (Ss I was sending this, I just got an e-mail notification from the Nigerian... it got to my e-mail instead of going to spam.)

• I have a 2013 MacBook Pro that has a virus. Free ClamXav app scanned 2 "Phishing" files.  How do I remove?

  My MacBook Pro (purchased in 2013) was running slow with the wheel turning after I opened my Junk and Spam folders just to check the emails in there..  I never opened up any emails..  Went to the Genius Bar and and they checked my hard drive which is fine.  They said to remove some of the downloads and old emails which I did.  Problem still existed and they never checked for a virus. I downloaded the Free ClamXav app and scanned my computer to check for infected files. 2 "phishing" files were reported. How do I remove these from my computer?

  When you have the problem, note the exact time: hour, minute, second.   
  These instructions must be carried out as an administrator. If you have only one user account, you are the administrator.
  Launch the Console application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
  The title of the Console window should be All Messages. If it isn't, select
  SYSTEM LOG QUERIES ▹ All Messages
  from the log list on the left. If you don't see that list, select
  View ▹ Show Log List
  from the menu bar at the top of the screen.
  Each message in the log begins with the date and time when it was entered. Scroll back to the time you noted above. Select the messages entered from then until the end of the episode, or until they start to repeat, whichever comes first. Copy the messages to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.
  ☞ The log contains a vast amount of information, almost all of it useless for solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.
  Please don't indiscriminately dump thousands of lines from the log into this discussion.
  Please don't post screenshots of log messages—post the text.
  ☞ Some private information, such as your name, may appear in the log. Anonymize before posting.

• I got an email that looks like Spam or Phising that states in header: "Apple online access activation". Is it Spam/Virus/Phishing..???

  I got an email that looks like Spam or Phising that states in header: "Apple online access activation". Is it Spam/Virus/Phishing..???.. It came from email: Apple [email protected] ...  Thanks...

  Identifying fraudulent "phishing" email
  You can report spam  to:     [email protected]

• Opened an email on phone that later found out had a virus or phishing. What do I do?

  Opened an email on phone that later found out had a virus or phishing. What do I do?

  You don't need to do anything for your phone. No viruses for a non jail broken phone.

• Phishing email - how do i remove any possible malware or virus that may  attack my computer?

  I recieved an email from which i now realise  was of the  phishing type. I claimed to be from USPS , told me the postal code was wrong , gave me a parcel number which i couldnt track and an attchament whiuch i unfortunately opened.The file within  was a B1 Free archiver and just contained a picture of a car.the mail aalsop claimed that it wouild charge so much per day after a 15 day period if I didnt receive the parcel.
  i would be mlost grateful fro any assistance
  thank you

  when i opemn the original attachment( B1 Free Archiver) it says name- PA23892219.exe  ,  size -344 KB  folder -exe file .when i click on  the file I get all this except its much much longer as i cut it short
  MZê  ˇˇ∏@   ∫ ¥
  Õ!∏ LÕ!This program cannot be run in DOS mode.
  $¡Â•!ÖÑÀrÖÑÀrÖÑÀrßãrÑÑÀr_ß◊réÑÀrß“ráÑÀr¢B∞ráÑÀr‹ßÿráÑÀrFãñrÜÑÀrÖÑ r±ÑÀrå¸OrÑÑÀrõ÷_rÑÑÀrå¸ZrÑÑÀrRichÖÑÀrPEL  ªI R‡   
  :  ¨E P@    Ä  SC  Ä     d≠ d¿ HªP‡.textf8 :  `.dataLb Pd >@¿.rsrcHª¿ º¢ @@UãÏÉÏ «EÎ
  ãEÉ¿ âEÉ} }T«EËÎ
  ãMËÉ¡ âMËÉ}Ë } «E¯”«EÙPÏ ÒãMÙÉ¡ ãE¯ô˜˘âE¸Î“«EÙ  çUÙâUÏãEÏãMÙ+  MÙâMÙÎù«E¸˝á«E¯’~f¸ãU¸#U¯ U¸âUÙãÂ]√UãÏÉÏ «E¸ §«E ¿çE¸âE¯ãM¯ã  ØU  ØU¸âU¸çE¸âEÙãMÙã  U  ØU¸ U¸âU¸ãÂ]√ÃÃÃÃÃÃÃÃÃÃUãÏÉÏ «E lö«E¸c’gˆãM¸É¡ ãE ô˜˘âE¯ãÂ]√ÃÃÃÃÃÃÃÃÃUãÏÉÏ ãE 3 P@âE «E¯˘ãM¯QË^ˇˇˇÉƒ «EÙßãU¯RËKˇˇˇÉƒ ãEÙPË?ˇˇˇÉƒ ãMÙÉ¡ ãE¯ô˜˘ãUÙ+–âUÙãE -Q!V+ãÂ]√ÃÃÃÃÃÃÃÃÃÃÃÃUãÏÉÏ «E¸w≈nÙçE¸âE¯ãM¯ã  ØU¸âU ãÂ]√ÃÃÃÃÃÃÃÃÃÃÃÃÃUãÏÉÏ(«EÎ
  ãEÉ¿ âEÉ} }#«E¸flJK«E¯ÖûGıãM¯#M¯ãU¸+—ãE¸+¬âE¸ÎŒ«E¸Ω–Å}¸¶—uO«EÙïí«E‰ yãMÙ#M‰+M¸ M‰âM‰«E¯€I ˜çU¯âUÏãEÏã  MÙâM‡çU¸âUËãM¸É¡ ãE‰ô˜˘ãU‡+–âU‡«E‹Î
  ãE‹É¿ âE‹É}‹ } «E¯y«Eÿ ãMÿ#Mÿ ØM¯ M¸âM¸Î—ãÂ]√ÃÃÃÃUãÏQ«E¸∏ãE¸#E¸âE¸ãÂ]√ÃÃÃÃÃÃÃÃUãÏÉÏ «E¸,Å}¸#/@Å}¸|S"«E$çE¸âEÙãMÙã  U¸+UãE+¬âEÎ ãM¸ M¸ãU¸+—ãE¸+¬âE¸Î «E˵ÔçMËâMÏãUÏã  E¸âE¸ãÂ]√ÃÃÃÃÃÃÃÃÃÃÃÃÃÃUãÏÉÏL«Eÿ√çEÿâEÙãMÿÉ¡ ãUÙã ô˜˘âE¸«E™ˇãE¸#E ØE¸ EâEj@h0hƒ jjˇˇ  P@âE¿«E‘∆çM‘âM‹«E¯(°ãU‹ã  E¯ ØE‘ E¯âE¯h¨DË‹¸ˇˇÉƒ «E‡âqA˙ãM‡É¡ ãE‡ô˜˘ ØE‡âE‡«E–ãU–ã ï¯P@âEº«E∏ÉçM∏âM¥ãU¥ã #E∏ ØE∏ E∏âE∏ãMºQË ˝ˇˇÉƒ ãU–ãM¿â ëãU–ɬ âU–Å}–, r≠«EƒïÔãEƒ ØEƒâEË«E‰ïkãMƒÉ¡ ãE‰ô˜˘ EËâEËãUƒ Uƒ ØUƒâUƒ«E»y(ˇÒãE»#E» ØE»ãM»+»âM»«EÏ ãU¿âUð‡™DPã
  ÙP@QãUÏi“8U Rh®U@°D≠DPˇUÃɃ ãÂ]√ÃÃÃÃÃÃÃÃÃÃÃÃUãÏÉÏ «E¯ÆÅ}¯‘Ó «E¸ËãE¸ ØE¯âE Î[«E¸‡æ«EÙü€ãM¸ ØMÙãUÙ+—âUÙ«EÎ
  ãEÉ¿ âEÉ} }&«EÏ,
  EË ãEÏ EËãMÙÉ¡ ô˜˘ ØEÏâEÏÎÀ«E¸êÒ ÚãU¸ U¯ U¸âU¸ãÂ]√ÃÃÃÃÃUãÏÉÏ ãÂ]√ÃÃÃÃÃÃUãÏÉÏ$«EÙô«E ÀõãM É¡ ãEÙô˜˘âE«E¯≈ƒ»¯Å}¯®  «EÏÍ=«E¸§ãUÏ U¸ U¸ãE¸+¬âE¸«EËÎ
  ãMËÉ¡ âMËÉ}Ë }=«E¸ ‰çUâU‹ãE‹ã #M +M¸ MÙâMÙ«E‡í çU‡âU‰ãE‰ã  ØM¯ ØM‡âM‡Î¥ãÂ]√ÃÃÃÃÃUãÏÉÏ «E Èz3Ù«EÏf›çE âE¸ãMÏÉ¡ ãU¸ã ô˜˘âE «EÙ|Á«E Ö«›¯ãEÙ E ãM É¡ ô˜˘âEãÂ]√ÃUãÏÅÏà3¿t1«E§ «E®Ñû¸ÚãM§#M® ØM§ ØM§âM§ãU®Å‚— v¯+U® U§âU§ãE £D≠D«E†Î
  ãM†É¡ âM†É}† }Y«E‹
  ”i˘«EúRãUúRãE‹PËó˙ˇˇÉƒ ãMúQãU‹RËá˙ˇˇÉƒ ˡ¯ˇˇ«EòÎ
  ãEòÉ¿ âEòÉ}ò } ãM‹ ØM‹âMîÎÂÎò«EºO–«E∞"ãUº+U∞ãE∞+¬âE∞«E‡Ë£n˚çMºâMãU‡ UºãE Ø  ØUºâUºãMºâMºËí¯ˇˇ«EêÎ
  ãUêɬ âUêÉ}ê }^«E¥ ãE¥%ËÚi ØE¥âE‰«EåÎ
  ãMåÉ¡ âMåÉ}å } «EƒV«Eà‘ãUƒ#U¥âUàÎÿ«EƒØ+{˚ãEƒ E‰ãMƒ+»âMƒÎì«E¥Wv«EƒQ?çU¥âU‘ãE‘ã +MƒâM‰Ë®˙ˇˇ«E∏ö Í˝«EÙ”çU∏âU»ãE»ã  MÙ ØM∏âM∏ãM∏É¡ ãEÙô˜˘âEÿ«EÃÀÙ◊ı«E¿zf˚˚çUÃâUÏãEÏã Å·Iá(Û ØM¿âM¯ãU¯;U¿|1«EÄ÷WJ¸«Ö|ˇˇˇ.Ï˯çEÄâÖxˇˇˇãçxˇˇˇã  Øï|ˇˇˇ UÄâUÄÎ ãEà E¯ ØE¿ E¿âE¿Ë≤¸ˇˇj jˇ $P@âE¸ãM¸Qˇ  P@ɯ u jjh,≠DËx,=  u ËL˙ˇˇ3¿ãÂ]¬ ÃÃÃÃUãÏÉÏ «E¯N3¥Ù«E¸ éãE¯ E¸ E¯ãM¯+»âM¯ãÂ]√ÃÃÃÃÃÃÃUãÏÈ\7ÈS7ÈJ7ÈA7È87È/7È&7È 7È 7È

• A window keeps popping up asking me to install a phishing toolbar requiring me to type in my apple admin password, is this legitimate or someone wanting to install a virus into my apple operating system?

  All of a sudden the particular window has been appearing, there has been no other interaction with firefox so I'm very suspicious. I quickly checked the website and it suggests phishing is automatically a part of this browser, I could be interpreting this incorrectly. I'm running version 4.0.1 on an imac

  It's a hoax. '''DO NOT''' install anything you didn't ask for, let alone something that requires you to type in your password. It's most likely a consequence of some dubious application you have recently installed.