Malware News Sweet Minecraft Mods – The Dark Tale of SugarSMP Scam, Malware & Extortion

Norton Safe Web is one of the most efficient against new phishing links
 
site is down?
 
I do like some of the other AVs and DNS warnings that are more specific (Reason) than F-Secure's sometimes more general, generic warning.
Even if I didn't have any antivirus software or DNS protection extensions, NextDNS alone would block it, see: "The website is being blocked by threat intelligence feeds and AI-based threat detection systems". @Sampei.Nihira, I noticed that he advocates for using a DNS service like NextDNS or ControlD. :)
 
This is a bit of advice for those testing these websites and domains from your systems instead of using third-party tools.

When security software doesn't know a site is compromised until it starts receiving data from it, your computer initiates the "handshake" with the server, and the server begins sending the website's code back to you. Your security software scans this incoming code in real-time, spots a malicious script (like a trojan or phishing attempt), and abruptly cuts the connection.

Because your computer successfully initiated the connection before the software pulled the plug, the compromised server did receive your IP address during that initial handshake.

If you are going to poke around malicious domains, always use a third party web-based tool.
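
Added example, not part of the original post: a loopback-only Python sketch of the sequence described above, in which a stand-in "scanner" cuts the connection as soon as it sees a flagged script, yet the server has already recorded the client's address and request. The marker string, the `demo.invalid` host name and the `run_demo` function are constructed for illustration; nothing leaves 127.0.0.1.

```python
import socket
import threading

# Constructed stand-in for the script a web shield would flag.
MARKER = b"<script>/* constructed-test-marker */</script>"

def run_demo():
    """Loopback-only demo: what the server learns before the client aborts."""
    server_log = {}
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))   # ephemeral port, never leaves the machine
    srv.listen(1)
    srv.settimeout(5)
    port = srv.getsockname()[1]

    def serve_once():
        conn, peer = srv.accept()          # TCP handshake has already completed
        with conn:
            server_log["client_ip"] = peer[0]          # logged before any page is sent
            server_log["request"] = conn.recv(4096)
            conn.sendall(b"HTTP/1.1 200 OK\r\n\r\n<html>" + MARKER + b"</html>")

    worker = threading.Thread(target=serve_once)
    worker.start()

    blocked = False
    with socket.create_connection(("127.0.0.1", port), timeout=5) as client:
        client.sendall(b"GET / HTTP/1.1\r\nHost: demo.invalid\r\n\r\n")
        received = b""
        while not blocked:
            chunk = client.recv(4096)
            if not chunk:
                break
            received += chunk
            blocked = MARKER in received   # "scanner" verdict; socket closes on exit
    worker.join()
    srv.close()
    return {
        "blocked": blocked,
        "server_saw_ip": server_log.get("client_ip"),
        "server_saw_request": server_log.get("request", b"").startswith(b"GET /"),
    }

if __name__ == "__main__":
    print(run_demo())
```

The block succeeds from the client's point of view, but the server's log already holds the source address, which is the exposure the post warns about.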
 
Even if I didn't have any antivirus software or DNS protection extensions, NextDNS alone would block it, see: "The website is being blocked by threat intelligence feeds and AI-based threat detection systems". @Sampei.Nihira, I noticed that he advocates for using a DNS service like NextDNS or ControlD. :)
Yes, it's an essential component for me in terms of security, and it has the advantage of not consuming resources.
 
This is a bit of advice for those testing these websites and domains from your systems instead of using third-party tools.

When security software doesn't know a site is compromised until it starts receiving data from it, your computer initiates the "handshake" with the server, and the server begins sending the website's code back to you. Your security software scans this incoming code in real-time, spots a malicious script (like a trojan or phishing attempt), and abruptly cuts the connection.

Because your computer successfully initiated the connection before the software pulled the plug, the compromised server did receive your IP address during that initial handshake.

If you are going to poke around malicious domains, always use a third party web-based tool.
Would one of those options be using a Windows app-based VPN? @Divergent, thank you for bringing this up, as it was an educational opportunity between Gemini, Perplexity and me. Not to leave anyone here out of answering my questions, but they cover a lot of information succinctly, with my other thoughts and follow-up questions as well :)
 
That’s a great point, @Jonny Quest. A VPN would definitely add a layer of privacy by hiding your real IP from the malicious server (which is always good), but the security risk @Divergent mentioned would still be there.

Even with a VPN, your own browser is still the one 'talking' to the site and processing its code. That’s why tools like URLScan.io or Browserling are so helpful—they act as isolated environments designed to 'take the hit' for you, analyzing the site without anything ever touching your actual system. 🔒🛡️
 
That’s a great point, @Jonny Quest. A VPN would definitely add a layer of privacy by hiding your real IP from the malicious server (which is always good), but the security risk @Divergent mentioned would still be there.

Even with a VPN, your own browser is still the one 'talking' to the site and processing its code. That’s why tools like URLScan.io or Browserling are so helpful—they act as isolated environments designed to 'take the hit' for you, analyzing the site without anything ever touching your actual system. 🔒🛡️
So for those of us who want to see if our AV is flagging it as a malware site, don't do it just to post it here..."look what F-Secure can do", and let it do its work for normal web surfing, and instead use something like URLScan.io or Browserling as you mentioned. In fact, the same could be said for testing our browser extensions on a PhishTank Valid site.

Great couple of posts, thank you both, @Halp2001 and @Divergent :)