[clamav-users] Heueristics.Structured.CreditCardNumber ???
musc
muschelgev at newcultures.com
Sat Feb 25 00:34:25 UTC 2023
On February 24, 2023 2:53:31 PM EST, Andrew C Aitchison <andrew at aitchison.me.uk> wrote:
>On Fri, 24 Feb 2023, musc via clamav-users wrote:
>
>> This is another frequent hit I get doing a clamdscan:
>> Heueristics.Structured.CreditCardNumber
>>
>> I've read of a scam which prompts people to apply for a credit card,
>> or says falsely that a person has already a credit
>> card... responding to either leads to a scam.
>>
>> Are eliminating these two scams the only reasons for searching out
>> files containing credit card numbers? Or are there other reasons we
>> should be aware of?
>
>My guess would be that the main use of this would be to catch
>*outgoing* emails from your users replying to scams, or otherwise
>emailing their c/c number to someone.
>Email simply isn't secure enough to use for online payments,
>so seems reasonable to reject submitted messages which contain c/c details.
>Probably a case for outright rejection or quarantine, rather than
>just adding to a spam score.
>
In that event the very substantial and formulaic email header or attachment syntax could radically eliminate false positives.
More information about the clamav-users
mailing list