[clamav-users] Can't detect deceptive URL's as infected !!
steveb_clamav at sanesecurity.com
Tue Dec 11 10:52:20 EST 2018
On Tue, December 11, 2018 1:58 pm, Sunny Marwah wrote:
Here's the summary....
The phishing attempt looks like this html code:
h-t-t-p-s:/-/-pastebin DOT com/TL5WUJZh
This first link is just a hijacked graphic and won't be in safebrowsing...
h-t-t-p-s:-/-/gokdenizhealthtourism DOT com/js/logo.gif
This next link, is the bad" phishing link is:
h-t-t-p-s:/-/-nompao DOT com/boa.php
The above link is currently blank and isn't in currently safebrowsing,
however, you can report it here:
VirusTotal is showing a clean link too on the phishing link:
You can submit the sample to ClamAV to add detection of the phish contents
here (regardless of the url's that are being used)
More information about the clamav-users