[clamav-users] ClamAV+exim: scanner finds not a single malware

Groach groachmail-stopspammingme at yahoo.com
Sun May 29 08:25:49 EDT 2016


On 29/05/2016 14:07, James Brown wrote:
>> On 29 May 2016, at 2:12 AM, Groach <groachmail-stopspammingme at yahoo.com> wrote:
>>
>> But with SANE DEFINITIONS:
>>
>> ----------- SCAN SUMMARY -----------
>> Known viruses: 4512349
>> Engine version: 0.99.1
>> Scanned directories: 0
>> Scanned files: 24
>> **Infected files: 23**
>>
>> Data scanned: 3.92 MB
>> Data read: 1.48 MB (ratio 2.65:1)
>> Time: 17.409 sec (0 m 17 s)
>>
>> --------------------------------------
>> Completed
>> --------------------------------------
> Have you submitted the one that got through to samples at sanesecurity.me.uk?
>
> James.

Erm,  I dont know FOR SURE but probably (I usually do).

However, having just looked at it it isnt actually a virus/attachment, 
its a PHISHING email (Claiming to be from a UK high street bank - see 
below) with a link to a dodgy site. So Im not sure its valid for his AV 
definitions (and thats the reason he hasnt included it).

IMPORTANT NOTICE.eml :

    TSB is continually attempting to guarantee security by frequently
    screening the records in our systems.
    We as of late assessed your record, and we require more data to help
    us give you secure administration.
    Until we can gather this data, your right to gain entrance to your
    online access will be restricted or ended.
    We want to restore your right to gain your online access at the
    earliest opportunity, and we apologize for the inconvenience.
    You are required to follow a straight forward and simple process to
    restore your online access.

    Proceed to the verification process.  <<<<< THIS IS THE DODGY LINK

    Thank you for banking with us.

    Yours sincerely,
    Online Service Department,
    Customer Support.
    TSB ONLINE BANKING TEAM.









More information about the clamav-users mailing list