Advice Request A site only detected by Kaspersky and Netcraft

Please provide comments and solutions that are helpful to the author of this topic.

SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
notabot said:
The problem is when the page doesn't display correctly or doesn't work properly, in which case you need to enable more scripts and then the user has little clue of whether to enable or not the malicious script, unless they try scripts one by one, starting from same domain, only cautiously expanding to 3rd domains etc -- but this approach is a quite a slow one.
Click to expand...
You're right and that's why I don't recommend it to everyone. I was just pointing out its usefulness. Since that particular third party script isn't necessary for any function on that website, users who use script blocker extensions wouldn't have enabled that and stayed protected.
 
  • Like
Reactions: roger_m, bribon77, oldschool and 4 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
I actually been curious about Revolts card/system as I seen a few local good reviews.
www.revolut.com

Revolut | All-in-one Finance App for your Money | Revolut Sweden

Join 40+ million customers globally using Revolut to send money to 160+ countries, hold up-to 36 currencies in app, spend in 150+ currencies, and manage their money.
www.revolut.com www.revolut.com
 
Last edited:
  • Like
Reactions: simmerskool, notabot, roger_m and 4 others
JB007

JB007

Level 26
Thread author
Verified
Top Poster
Well-known
May 19, 2016
1,580
Hello,
It is currently very dangerous to order Champagne online in France ;)
Again detection by Kaspersky(y) but I can order with PayPal:)
champagne.PNG
 
  • Like
  • Wow
Reactions: roger_m, Venustus, bribon77 and 5 others
oldschool

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,613
I am curious about the
oldschool said:
FYI: Edge Chromium gives "Insecure content blocked" message in address bar, unlike the full screen alert from Netcraft.
Click to expand...

I am curious to know how this shield alert in Edge address bar is generated, i.e. what process it was. It was neither a normal Smartscreen nor Windows Defender alert. Maybe related to PUA browser settting? Can someone with more technical knowledge (@Andy Ful @SeriousHoax @Umbra anyone) please help me understand what's happening here? 🤔
 
Last edited:
  • Like
Reactions: simmerskool, roger_m, JB007 and 5 others
F

ForgottenSeer 823865

oldschool said:
I am curious about the


I am curious to know how this shield alert in Edge address bar is generated, i.e. what process it was. It was neither a normal Smartscreen nor Windows Defender alert. Maybe related to PUA browser settting? Can someone with more technical knowledge (@Andy Ful @SeriousHoax @Umbra anyone) please help me understand what's happening here? 🤔
Click to expand...
Could just be built-in smartscreen designed to show up differently.
 
  • Like
Reactions: roger_m, JB007, Venustus and 3 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
JB007 said:
No, I did not 🍾
Click to expand...
Well I did, and not super easy to find a replacement that would be better safe in general considering for example their software platform etc.

Also I have no idea how well, or bad they would in the end deliver. It seems a bit late now IMO to get anything online before Christmas. You should probably use their phone number to get a better answer. I sent the link in a PM.
 
  • Like
Reactions: JB007, Venustus, harlan4096 and 1 other person
N

notabot

Level 15
Verified
Oct 31, 2018
703
It's interesting, whenever I've come across hijacked ( or even hacked ) sites, it's always been a specialty/niche online retailer as well.
For someone with safe browsing habits, specialty & niche retailers are probably the most risky sites they'll come across.

upnorth said:
I actually been curious about Revolts card/system as I seen a few local good reviews.
www.revolut.com

Revolut | All-in-one Finance App for your Money | Revolut Sweden

Join 40+ million customers globally using Revolut to send money to 160+ countries, hold up-to 36 currencies in app, spend in 150+ currencies, and manage their money.
www.revolut.com www.revolut.com
Click to expand...

You can do granular control on your card. E.g. you can block the card for online transactions but leave it working for chip & pin or contactless. You can also place location restrictions, that card point of use matches your location etc.

I think it's great for travelling (super easy to convert FX, plus who trusts their card to agents a foreign country they've never visited before - with Revolut you disable right after use and re-enable on demand).

It's also great for buying stuff online when the website is a niche one and cannot afford to hire Amazon's security team. I feel this approach is more practical than hoping for a suite to detect every possible card skimmer injection.
 
  • Like
Reactions: simmerskool, JB007, blackice and 2 others
N

notabot

Level 15
Verified
Oct 31, 2018
703
Just to add, you can also make virtual cards on the fly from your mobile. E.g. buy champagne from niche retailer with a virtual card (visa debit, not credit), pay for it then delete the card entirely. And of course you can set limits on the virtual card so even an instantaneous attack would fail.

skimmers are really a non-issue with virtual cards. Give your "normal" card to Google, Amazon, Netflix where it's likely to be safe and for smaller fish, with smaller security teams, use virtual cards. Can't get more secure than that.
 
  • Like
Reactions: JB007, harlan4096, roger_m and 3 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
notabot said:
Just to add, you can also make virtual cards on the fly from your mobile. E.g. buy champagne from niche retailer with a virtual card (visa debit, not credit), pay for it then delete the card entirely. And of course you can set limits on the virtual card so even an instantaneous attack would fail.

skimmers are really a non-issue with virtual cards. Give your "normal" card to Google, Amazon, Netflix where it's likely to be safe and for smaller fish, with smaller security teams, use virtual cards. Can't get more secure than that.
Click to expand...
I agree but, this was interesting.
And then he waited. For about two hours. That’s how long it took for the bait to be nibbled on, with one of those small transactions made by fraudsters’ bots and scripts. The crooks test whether the payment card information is valid, by using a stolen card on merchant sites that automatically respond with a detailed reason for why a given card is declined. Two hours was actually pretty slow, Greenwood said. The prepaid card was eventually used at the site for a well-known UK British retailer.
Click to expand...
nakedsecurity.sophos.com

Naked Security – Sophos News

nakedsecurity.sophos.com nakedsecurity.sophos.com
 
  • Like
Reactions: JB007, harlan4096, SeriousHoax and 4 others

Similar threads

Xeno1234
    • Like
  • Locked
Malware Analysis Little Evasive Malware Test I did.
Replies
4
Views
1,126
Malware Analysis
Xeno1234
Xeno1234
P
  • Locked
Solved This is not detected by Kaspersky for some strange reason...
Replies
35
Views
2,905
Kaspersky
harlan4096
harlan4096
tracker
  • Locked
I am infected with a hijack loader that has never been detected by any antivirus software, and I cannot remove it.
Replies
7
Views
826
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top