Author Topic: Script Runs Phishing Protection?  (Read 1975 times)

0 Members and 1 Guest are viewing this topic.


  • Guest
Script Runs Phishing Protection?
« on: November 06, 2004, 11:45:57 PM »
A new phishing attack is out which involves a scripts run program which will open and go to your HOSTS file when you open an e-mail - no attachment necessary. This has to do with a hacker attempting to get  your passwords when logging onto a bank site.  My question is: does Avast protect against this type virus in e-mail messages?...Further info provided in this link:,aid,118489,tk,dn110504X,00.asp  

Thanks to whomever responds and has the answer....Jim

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9391
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re:Script Runs Phishing Protection?
« Reply #1 on: November 06, 2004, 11:56:54 PM »
Its hard to say,but mail heuristics could detect this.
Visit my webpage Angry Sheep Blog

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11809
    • AVAST Software
Re:Script Runs Phishing Protection?
« Reply #2 on: November 07, 2004, 12:40:31 AM »
I think the quote is not correct. The mentioned article says:
... and you have ActiveX security settings configured too low (or if you are running an out-of-date and/or unpatched version of Windows), the Trojan horse installs itself on your PC.
The Trojan horse then makes changes to the Hosts file...

So, its just another ActiveX trojan. When it's activated (which the antivirus shouldn't allow), it can do anything - including e.g. changing your HOSTS file.