Author Topic: multiple threats html phishing CGK  (Read 1855 times)

0 Members and 1 Guest are viewing this topic.

Offline discoveredtreasures

  • Newbie
  • *
  • Posts: 1
multiple threats html phishing CGK
« on: February 24, 2023, 09:18:10 PM »
Receiving multiple threats daily from email system has been potentially infected. Avis file shield alert secured threats how do I remove any potential issue. Took a screenshot but your system doesn't apparently allow me to attach it. I believe there's something in my system but I can't do anything about it the scans deep scan does not pick up anything but I get this daily so I don't believe it's random emails coming in. What happens if your avast system does not catch all of the infected emails.  How do I clear out issues that may be in my system.  Each of my lap tops report same phishing alerts.
/ private/VER/folders/80/7… That's the file path,  process is/application/male got apps/contents – macOS – mail, detected by file shield threat blocked.

John

Offline ondrej.kolacek

  • Avast team
  • Sr. Member
  • *
  • Posts: 394
Re: multiple threats html phishing CGK
« Reply #1 on: February 27, 2023, 05:45:26 PM »
Receiving multiple threats daily from email system has been potentially infected. Avis file shield alert secured threats how do I remove any potential issue. Took a screenshot but your system doesn't apparently allow me to attach it. I believe there's something in my system but I can't do anything about it the scans deep scan does not pick up anything but I get this daily so I don't believe it's random emails coming in. What happens if your avast system does not catch all of the infected emails.  How do I clear out issues that may be in my system.  Each of my lap tops report same phishing alerts.
/ private/VER/folders/80/7… That's the file path,  process is/application/male got apps/contents – macOS – mail, detected by file shield threat blocked.

John
Hello,

it looks like your mail client is repeatedly downloading infected mail, which File Shield removes from the disk and stores into chest; this triggers the mail client to re-download id again and again. This happens only in corner cases, usually such mail should be stopped by Mail Shield. But if your mail client does not use imap/pop3, or your mail shield is turned off, it can happen.

Saying this, mail containing phishing is not really something that can infect your computer directly, but rather it is a fake email trying to lure you to enter your personal information, login information, or banking information somewhere.

Ideally you should delete the mail via web GUI, however it is pretty difficult to find out which mail it is based on the file name. You could go to Quarantine in Avast UI, restore one of the infected mail files, open it in text edit, find out which mail it is, and delete it in your mail box or via a Web GUI.

An alternative is to simply disable File Shield for a while, and let the mail client download the infected mail. You can then delete the mail, or just ignore it and while being careful when accessing recently received mail, as it may be a phishing mail. You can re-enable fileshield after a day or so.

Kind regards,
Ondrej Kolacek