Suspicious email "from my bank". Malwarebytes and AVG Cloud missed it.

Page 1 of 2 12 LastLast

  1. Posts : 231
    Windows 7 Home Premium 64bit
       #1

    Suspicious email "from my bank". Malwarebytes and AVG Cloud missed it.


    I recently received an email message (during the Christmas holiday!!) purporting to come from my bank, saying that important changes had been made to my account and inviting me to open something. Of course I deleted the message without opening it.

    However, I have Malwarebytes (paid version) running all the time (scan and protection log shows both place this afternoon, as a daily occurrence,) and AVG Cloud Care was also running (I will be replacing AVG soon). Neither alerted me to the email.

    Should they have? if not, Malwarebytes is claimed to spot fishing messages; if so, why not?

    Thanks.
      My Computer


  2. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #2

    Next time you get a suspicious mail, send it to Virus Total. That checks it with two dozen AV programs.

    https://www.virustotal.com/
      My Computer


  3. Posts : 2,497
    Windows 7 Pro 64 bit
       #3

    Malwarebytes and AVG attempt to detect phishing messages but do not clasim to catch them all. Phishing has become VERY sophisticated in recent years and try very hard to evade detection, and have become quite good at it. For all their abilities these products have one major weakness in that they cannot understand the text of these messages. That is far beyond current technology. You have this ability. For that reason you must remain vigilant and never rely on technology to protect you.
      My Computer


  4. Posts : 231
    Windows 7 Home Premium 64bit
    Thread Starter
       #4

    LMiller7 said:
    Malwarebytes and AVG attempt to detect phishing messages but do not clasim to catch them all. Phishing has become VERY sophisticated in recent years and try very hard to evade detection, and have become quite good at it. For all their abilities these products have one major weakness in that they cannot understand the text of these messages. That is far beyond current technology. You have this ability. For that reason you must remain vigilant and never rely on technology to protect you.
    On the bold part of your reply, I thought the text of the phishing messages was written by a human and all they had to do was to send out to their list of gathered addresses. My suspicious email was gramatically correct and in good English, not like the also human-written ones from Africa but with spelling mistakes and bad grammar.

    My rule is usually not to open any message which is not from someone already in my addrerss book or whose name I already know (but not famous names like Kim Kardashian - I should be so lucky!). This is a bit restrictive because I might ditch a genuine message, but phishing and other suspicious messages are, for me, extremely rare.
      My Computer


  5. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #5

    Give your bank a call. They will be able to tell you if they sent you a email.

    A bank will never send you a email asking for any account or personal information.
      My Computer


  6. Posts : 1,102
    OEM Windows 7 Ult (x64) SP1
       #6

    Stevekir said:
    Should they have? if not, Malwarebytes is claimed to spot fishing messages; if so, why not?

    Thanks.
    @LMiller7 and the others are correct.
    No program reads the text of emails.
    That is up to you.
    Moreover, I don't see where MBAM claims to "spot fishing [phishing] messages" here?
    (And @LBB is correct: your bank will never send a legitimate email asking for personal info.)

    MBAM detects certain types of non-viral malware (that may be embedded or contained within that email message) upon execution.
    And it detects malicious IPs/domains in its database.
    But it does not detect ALL malware and makes no claim to do so -- detection of certain types of malware (e.g. many true viruses, and others) is the role of your AV.
    It is part of a layered approach to security, alongside your robust AV, firewall and other security applications and methods.

    Having said that....
    It is a constant battle between the "good guys" and the "bad guys", the latter of whom exploit users through social engineering such as phishing, spear-phishing and other strategies and through new malware variants every day.
    No one security program or combination of programs can protect 100% of computers from 100% of malware 100% of the time.
    The most critical component is the part between the chair and the keyboard.
    Users who are determined to infect themselves by practicing "unsafe hex" will probably become infected, no matter what security programs are running.

    There are many comprehensive, authoritative resources about "best practices" for computing safety at the reputable computer help fora.

    Cheers,
    MM

    P.S. As suggested by others, you can always submit URLs and files to VirusTotal or a similar service. And you can submit possibly malicious URLs or IPs or files to the security researchers at MBAM forum and other, similar sites.
      My Computer


  7. Posts : 231
    Windows 7 Home Premium 64bit
    Thread Starter
       #7

    The page you quoted states:
    "What it does for you


    • Detects and protects against malware in real-time
    • Blocks hacking and phishing attempts
    • Schedules automatic scanning
    • Offers three flexible scanning mode"

    In my earlier post, #4, I said "I thought the text of the phishing messages was written by a human and all they had to do was to send out to their list of gathered addresses." I misunderstood the earlier post where the poster was referring to the analysis at the receiving end of the phishing message to detect phishiness. If the text is well written, no software could detect it (as the poster said). I wonder how Malwarebytes (or anything else) could possible detect a phish?
      My Computer


  8. Posts : 1,102
    OEM Windows 7 Ult (x64) SP1
       #8

    Stevekir said:
    The page you quoted states:
    "What it does for you

    • Blocks hacking and phishing attempts


    Yes, IF you were to click on a malicious link that is in the IP/domain database or IF you were to try to open/execute a malicious attachment containing a file format that MBAM detects.


    But, no, as pointed out, neither MBAM nor any other program can "read" the text of an email.


    That (and exercising due caution when viewing or opening ANY email, no matter WHO the sender appears to be) is up to the user.


    There are a number of 3rd-party utilities that permit one to preview, view, and (if needed) delete or report as SPAM any incoming email message while it is still on the server, before it ever touches the user's local computer. It provides an additional layer to safely screen incoming emails.



    Cheers,

    MM
      My Computer


  9. Posts : 231
    Windows 7 Home Premium 64bit
    Thread Starter
       #9

    I have found in Thunderbird: If you want to investigate it, in the list of incoming emails, select a suspicious email (just a simple single click, do not double click or it will open) so it turns a light colour. Then do Ctrl+U This will open a window showing the message header and, lower down, the message itself. About half way down the window the header lists the sender's email address (see the attachment). This might give a clue about the message (and any attachment) but of course malware senders could easily have an Internet domain name that sounds good.

    As I understand it, although the email message and its attachment have already been put on to your computer's hard drive, neither have been opened at this stage. It is opening either that could be dangerous. Also, any attachment's name will be in the message header and it could be search for and deleted.

    Finally, if the email is obviously suspicious, it can be deleted as soon as it arrives by RIGHT-CLICKing on it in Thunderbird's list of incoming messages and choosing "Delete" from the dropdown menu.

    Another source of error: when on a web site that is offering a download that you have decided is safe, the window is often plastered by other conspicuous DOWNLOAD NOWs etc. This can be confusing, leading to downloading unsafe stuff.

    I am pursuing "There are a number of 3rd-party utilities that permit one to preview, view, and (if needed) delete or report as SPAM any incoming email message while it is still on the server, before it ever touches the user's local computer. It provides an additional layer to safely screen incoming emails."
    Attached Thumbnails Attached Thumbnails Suspicious email "from my bank". Malwarebytes and AVG Cloud missed it.-untitled-1.jpg  
      My Computer


  10. Posts : 1,102
    OEM Windows 7 Ult (x64) SP1
       #10

    Hi:

    Thunderbird's "anti-spam" (actually "junk mail") controls/filters are separate from the anti-spam/anti-junk features of your AV and other security applications and they are unrelated to "anti-malware" functionality.
    Apples - Oranges.:)
    The point is that spammers can bypass security at the server level by spoofing their sender address.
    It's then up to the user to exercise caution when viewing and (especially!) opening emails, no matter who the sender appears to be.

    The realtime, layered security applications cannot protect the user 100% of the time.
    There are many layers to one's personal computer security, including email safety. They all start with safe computing practices and "situational awareness" by the user -- "safe hex".

    It would take a month of Sundays to explain the many facets and nuances.
    There are many comprehensive, authoritative resources about "best practices" for computing safety at the reputable computer help fora - they explain it all far better than I can.

    As for spam-filtering software, I have used Mailwasher for many years with TB, layered with my MBAM, MBAE and Kaspersky applications. There is a free version and a paid version. There are others out there, as well.

    Hope this helps,

    MM
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:58.
Find Us