Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: SlimJim on November 06, 2004, 11:45:57 PM

Title: Script Runs Phishing Protection?
Post by: SlimJim on November 06, 2004, 11:45:57 PM

A new phishing attack is out which involves a scripts run program which will open and go to your HOSTS file when you open an e-mail - no attachment necessary. This has to do with a hacker attempting to get  your passwords when logging onto a bank site.  My question is: does Avast protect against this type virus in e-mail messages?...Further info provided in this link: http://www.pcworld.com/news/article/0,aid,118489,tk,dn110504X,00.asp  

Thanks to whomever responds and has the answer....Jim

Title: Re:Script Runs Phishing Protection?
Post by: RejZoR on November 06, 2004, 11:56:54 PM

Its hard to say,but mail heuristics could detect this.

Title: Re:Script Runs Phishing Protection?
Post by: igor on November 07, 2004, 12:40:31 AM

I think the quote is not correct. The mentioned article says:
... and you have ActiveX security settings configured too low (or if you are running an out-of-date and/or unpatched version of Windows), the Trojan horse installs itself on your PC.
The Trojan horse then makes changes to the Hosts file...

So, its just another ActiveX trojan. When it's activated (which the antivirus shouldn't allow), it can do anything - including e.g. changing your HOSTS file.