[clamav-users] Can't detect deceptive URL's as infected !!

Steve Basford steveb_clamav at sanesecurity.com
Tue Dec 11 10:52:20 EST 2018

On Tue, December 11, 2018 1:58 pm, Sunny Marwah wrote:

Hi Sunny/All,

Here's the summary....

The phishing attempt looks like this html code:

h-t-t-p-s:/-/-pastebin DOT com/TL5WUJZh

This first link is just a hijacked graphic and won't be in safebrowsing...

h-t-t-p-s:-/-/gokdenizhealthtourism DOT com/js/logo.gif

This next link, is the bad" phishing link is:

h-t-t-p-s:/-/-nompao DOT com/boa.php

The above link is currently blank and isn't in currently safebrowsing,
however, you can report it here:


VirusTotal is showing a clean link too on the phishing link:


You can submit the sample to ClamAV to add detection of the phish contents
here (regardless of the url's that are being used)



Twitter: @sanesecurity

More information about the clamav-users mailing list