Author Topic: Suspicious  (Read 12694 times)

0 Members and 1 Guest are viewing this topic.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41960
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Suspicious
« on: November 22, 2005, 12:41:29 AM »
I tried sending an email to Sasha today and when I hit the send button,
I was greeted with the following:


This email contained no attachments.
Since when is a plain email considered suspicious just because it doesn't
contain a subject?  ???
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82273
  • No support PMs thanks
Re: Suspicious
« Reply #1 on: November 22, 2005, 01:19:03 AM »
It has been like that within the avast Heuristic checking, emails without a subject can be trying to hide the intent or use social programming to get people to open it to find out what it is about. So it is possible an email without a subject line would be suspicious.

I know if I ever receive one (when viewed via mailwasher my first instint is to view it with suspicion. Just my heuristic brain or suspicious nature ;D

Hell, even OE prompts for a subject if you have left it blank when you click send.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41960
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #2 on: November 22, 2005, 01:25:45 AM »
Quote
Hell, even OE prompts for a subject if you have left it blank when you click send
Which is fine it's a reminder and gives me an option to either fill it in or leave it out.
But I don't need a pop-up from avast! telling me that what I'm sending is suspicious just because
nothing is filled in the subject section.
Remember, I'm sending this email not receiving it.
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re: Suspicious
« Reply #3 on: November 22, 2005, 01:34:44 AM »
Remember, I'm sending this email not receiving it.
Bob, maybe it's to avoid your email account spreading virus but, I think that the scanner does not make difference on inbound and outbound mail, scanning with the same options... who knows...?
The best things in life are free.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41960
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #4 on: November 22, 2005, 01:41:59 AM »
Quote
Bob, maybe it's to avoid your email account spreading virus
I don't know of any text messages that contain viruses. Do you?
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82273
  • No support PMs thanks
Re: Suspicious
« Reply #5 on: November 22, 2005, 01:42:59 AM »
Quote
Hell, even OE prompts for a subject if you have left it blank when you click send
Which is fine it's a reminder and gives me an option to either fill it in or leave it out.
But I don't need a pop-up from avast! telling me that what I'm sending is suspicious just because
nothing is filled in the subject section.
Remember, I'm sending this email not receiving it.
avast doesn't know who is sending the message, just that one is being send and the subject line is blank and possibly suspicious.

Perhaps switching off the subject checks within the Heuristics Tabs, but that would apply permanently, it is probably easier to just put something in the subject.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re: Suspicious
« Reply #6 on: November 22, 2005, 01:44:20 AM »
Quote
Bob, maybe it's to avoid your email account spreading virus
I don't know of any text messages that contain viruses. Do you?
No... just the eicar text into the message body...
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82273
  • No support PMs thanks
Re: Suspicious
« Reply #7 on: November 22, 2005, 01:46:18 AM »
Quote
Bob, maybe it's to avoid your email account spreading virus
I don't know of any text messages that contain viruses. Do you?
Whist I'm not aware of any viruses in text emails doing the rounds, however, it is feasibly possible for text based emails to contain viruses also.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41960
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #8 on: November 22, 2005, 01:50:10 AM »
I don't understand something.
Why is it my fault that avast! deems a perfectly harmless e-mail as suspicious?
Remember, I paid for my copy of avast and should be able to find out why this is happening
without being told that it's easier to put something in the subject portion of an e-mail.
There are times when avast! could be improved. It's not always perfect.
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82273
  • No support PMs thanks
Re: Suspicious
« Reply #9 on: November 22, 2005, 01:54:21 AM »
No one is saying it is anyones fault, if you don't like the warning do something about it, improve it and remove the check.

I've tried to explain why I would consider an email might be considered suspicious because it doesn't have a subject line (I can't speak for avasts logic in thinking it suspicious), not apportion blame.

Edit: and by putting something in the subject line the recipient if they also use avast won't get the shock of their life upon receipt.
« Last Edit: November 22, 2005, 01:57:19 AM by DavidR »
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41960
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #10 on: November 22, 2005, 02:00:17 AM »
Quote
Edit: and by putting something in the subject line the recipient if they also use avast won't get the shock of their life upon receipt.
Just for your information, the recipient of this email didn't get a suspicious warning on his end even though it didn't contain a subject .
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re: Suspicious
« Reply #11 on: November 22, 2005, 02:09:29 AM »
There are times when avast! could be improved. It's not always perfect.
This is one of them  8)

Just for your information, the recipient of this email didn't get a suspicious warning on his end even though it didn't contain a subject .
Strange... Isn't Heuristic module of Sasha turned on?
The best things in life are free.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Suspicious
« Reply #12 on: November 22, 2005, 01:31:03 PM »
Not a single word from avast! Internet Mail provider when I received Bob's simple e-mail without any attachments, although it was without the subject line...

Yes, my settings are set to high, and you can see that e-mails should be checked by their subjects or lack of subject lines.

MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82273
  • No support PMs thanks
Re: Suspicious
« Reply #13 on: November 22, 2005, 03:35:08 PM »
It may be that the other 'Check Subject' in Advanced Heuristics (requires Huristic setting of High or Custom) is the troublesome one, see image. You do need to set it to Custom to access the settings in the Heuristics Advanced Tab.
« Last Edit: November 22, 2005, 03:37:54 PM by DavidR »
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Suspicious
« Reply #14 on: November 22, 2005, 04:32:29 PM »
No I don't believe it's that... it's already checked by default, it's just, under HIGH those settings are greyed out (but still enabled).



And this is when settings are on MEDIUM (greyed out and disabled):



If you set it to Custom you'll get this (you'll just be able to edit them):

« Last Edit: November 22, 2005, 04:35:31 PM by S.Z.Craftec »
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s