Interviewed by CNN on 30/01/2013 06:57, Daniel told the world:

> So I could still be visiting phishing sites because my database could,
> in part, be a week out of date!!

There are no guarantees of a complete database anywhere.

For instance: I have just received a phishing e-mail, trying to induce me to download and open some sort of malware. I found it mildly interesting (as scams go) because they actually included my full name, instead of sending a generic message. Not that it's hard to buy lists of e-mails with full user names...

Anyway, I decided to amuse myself giving it a check.

First thing: copied the link to GetLinkInfo.com to see what they could tell about it. Not much, it turned out -- even the Google Safe Browsing check gave the website a clean bill of health. (Apparently the site -- some sort of Chinese name in a .com domain -- is an image host, and the malware distributor uploaded the crap as if it were an image.)

Next step: check the malware itself. Yes, I know what I'm doing, I routinely have to disinfect virus-possessed computers from clients, I know how to keep from actually running a file. So I disabled plugins and JavaScript and very carefully opened the link. Turns out it was a .cpl file, which is a big red flag for malware.

Anyway, my antivirus didn't complain. I uploaded it to Jotti.com and Virustotal.com, and it got only about 25% hits, suggesting that it's pretty new.

So...

Antivirus: missed it
Other antivirus: about 75% chance of missing it.
Google Safe Browsing: missed it
ISP spam filter: flagged it as spam, but did nothing else. Not that it helps much, since this particular filter has a high rate of false positives. One of the myriad reasons I'm migrating to another ISP...
Seamonkey spam filter: missed it (probably because it had my full name)

So there are no guarantees, you have to keep a sharp eye anyway. Automated tools (antivirus, antispam, website black lists and such) help by essentially cutting down on the volume of mail you have to actually read and analyse. They won't ever get everything.

--
MCBastos
This message has been protected with the 2ROT13 algorithm.
Unauthorized use will be prosecuted under the DMCA.
Sent from my Bugatti Veyron.

