[clamav-users] Be wary of emails with attachments targeting clamav-users list members

newcomer01 newcomer01 at posteo.de
Wed Mar 22 17:44:25 UTC 2023 

Hi Paul,

yes, submit all files. Maybe ClamAV need different Phising - Sigs for each file or something ...
For my submitted file, ClamAV currently not warn ...

kind greetings
Marc


Von / From: Clamav User Mailinglist <mailto:clamav-users at lists.clamav.net>
An / To: Newcomer01 <mailto:newcomer01 at posteo.de>
CC / CC: Paul Kosinski <mailto:clamav-users at iment.com>
Gesendet / Sent: Mittwoch, März 22, 2023 um 18:35 (at 06:35 PM) +0100
Betreff / Subject: Re: [clamav-users] Be wary of emails with attachments targeting clamav-users list members
> I have just started getting these claiming to be relevant to ClamAV, but I have *also* been receiving this sort of thing claiming to be from the Firefox ESR list for months now.
>
> I am posting (one of) the HTMLs "about" ClamAV to https://www.clamav.net/reports/malware. Should I also post (one of) the Firefox phishes? (In fact, I have several of each, but it quickly gets tedious.)
>
>
>
> On Wed, 22 Mar 2023 16:48:32 +0000
> "Micah Snyder \(micasnyd\) via clamav-users" <clamav-users at lists.clamav.net> wrote:
>
>> All,
>>
>> Some users have reported receiving emails that appear to be a reply to a clamav-users mailing list thread but are in fact a phishing attempt have attached malware.
>>
>> Most recently, Marc reported receiving an email that appeared to be a reply to an older clamav-users mailing list thread but was in fact a direct email targeting him.  It had this fairly generic phishing text:
>>
>> "Would you please look through the last agreement? I have attached some extra details about it."
>>
>> The attached file was some small HTML file containing malicious obfuscated javascript.
>>
>> This isn't the first time we've heard of this type of phishing using our mailing list archives. Please be careful when you see any sort of attachment, even if it appears to be from this community.
>>
>> If you receive this sort of phishing email, please report the attached HTML file to https://www.clamav.net/reports/malware
>>
>> Regards,
>> Micah
>>
>>
>>
>> Micah Snyder
>> ClamAV Development
>> Talos
>> Cisco Systems, Inc.
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat

More information about the clamav-users mailing list