Hello, I ran a BitDefender scan today and it detected a Trogan.PDF.Phishing.RD found in the Mail Attachment folder. I have deleted this file and do not remember ever opening this email nor downloading or opening the attached file. Should I be worried about being infected and needing to change passwords etc? I assumed that the mail app just automatically downloads emails and their attachments but I am not too sure. Some assurance would be fantastic, thankyou.
Generally the risk is low, and there's not enough info in your post to be certain, but the description implies you received a phishing email with an attached trojan.
The options are pretty much:
1) Mail.app does a pretty good job of filtering these mails into your Junk folder, so there's a chance you never saw the message in the first place, in which case you're fine - the trojan can't do anything unless you invoke it.
2) If you saw the message, it probably said something vague about you needing to 'open the attachment' for some 'important information'. If you saw the message and recognized it for what it was, and didn't open the attachment, you're also fine - again, the trojan can't do anything if you don't invoke it.
However, some of these emails are well written and you might have been tricked into opening the file thinking it was legitimate.
3) If you didn't recognize the message as junk, and did open the attachment, there is a chance something bad happened. However, most trojan attacks target Windows systems (they are generally easier to hack and there are more of them out there so have a higher chance of success). A lookup on that name implies it is a Windows-specific hack, in which case you have nothing to worry about (Windows viruses/trojans can't affect Macs). However, there are cross-platform attacks, including ones that take you to web sites that look like official sites such as banks, to trick you into giving up your account credentials.
So,
IF mail.app didn't filter the message to your junk folder
AND IF you saw the message
AND IF you read the message and didn't recognize it as junk
AND IF you opened the attachment
AND IF the attachment wasn't specific to Windows systems
AND IF you authenticated to either install some software, or login to some site
then there's a chance something bad happened.
If any of the above aren't true, then you're OK.
In any case, changing passwords is rarely a bad idea, but it won't help if the malware is already installed, or you've already given up your account credentials. Something about closing the stable door after the horse has bolted.
Generally the risk is low, and there's not enough info in your post to be certain, but the description implies you received a phishing email with an attached trojan.
The options are pretty much:
1) Mail.app does a pretty good job of filtering these mails into your Junk folder, so there's a chance you never saw the message in the first place, in which case you're fine - the trojan can't do anything unless you invoke it.
2) If you saw the message, it probably said something vague about you needing to 'open the attachment' for some 'important information'. If you saw the message and recognized it for what it was, and didn't open the attachment, you're also fine - again, the trojan can't do anything if you don't invoke it.
However, some of these emails are well written and you might have been tricked into opening the file thinking it was legitimate.
3) If you didn't recognize the message as junk, and did open the attachment, there is a chance something bad happened. However, most trojan attacks target Windows systems (they are generally easier to hack and there are more of them out there so have a higher chance of success). A lookup on that name implies it is a Windows-specific hack, in which case you have nothing to worry about (Windows viruses/trojans can't affect Macs). However, there are cross-platform attacks, including ones that take you to web sites that look like official sites such as banks, to trick you into giving up your account credentials.
So,
IF mail.app didn't filter the message to your junk folder
AND IF you saw the message
AND IF you read the message and didn't recognize it as junk
AND IF you opened the attachment
AND IF the attachment wasn't specific to Windows systems
AND IF you authenticated to either install some software, or login to some site
then there's a chance something bad happened.
If any of the above aren't true, then you're OK.
In any case, changing passwords is rarely a bad idea, but it won't help if the malware is already installed, or you've already given up your account credentials. Something about closing the stable door after the horse has bolted.
Kastl3 wrote:
Should I be worried about being infected and needing to change passwords etc?
No. There is nothing to be worried about.
Trojan found in mail folder
