Apple Event: May 7th at 7 am PT
I am still looking for an answer as to what function this Malware performs. Clamxav virus software downloaded from the App store identified several "Apple mails" and identified it as "Heuristic.Phishing.email.SpoofedDomain". I am unable to find the definition from Clamxav or searches through web serches.
MacBook Pro, Mac OS X (10.6.8)
WZZZ wrote:
thanks for the word on the registration. Perhaps that e-mail will arrive eventually or Mark will be able to look into it.
Mark was in London today, but I'm sure he'll take care of it when he gets back.
WZZZ wrote:
One more quick hijack: I completely forgot to ask, will ClamX, by default, scan invisible files for any given selection?
Yes, as long as you have read access to a file it will scan it.
I am seeing "Show invisible files" as a separate box to check when you go into Source List, so wondered if it's necessary to check that box and then select all those different invisibles in order for ClamX to scan them? This was the question I wanted to ask when I tried registering for the forum.
That is for when you are looking for a specific file or directory that is invisible so that it can be selected. If you opt to scan a directory that contains invisible files, they will be scanned regardless of whether the box is checked or not.
Great. Thanks again.
The Malware identified by Clamxav it finds only in Monster Apple Mail. the Monster emails do have links as a copy of the text portion email below shows. I don't know if Email is valid but Clamxav is consistent in identifing this Email as well as other Monster advertising Emails only.
The Reply address is
| communications@monster.ca |
To ensure delivery of this email please add monster@e0.monster.ca to your Address Book or Safe List.
Save the date!
Monster’s Virtual Career Fair
begins April 16th.
Registration opens March 26th.
Experience career opportunities, networking and live
chats with hiring managers at Monster.ca’s Virtual
Career Fair. April 16th-22nd, 2012.
What’s a Virtual Career Fair?
Imagine a live career fair held at a convention centre, complete with exhibitor booths, corporate presentations, and live interaction between you and company representatives. Now imagine experiencing all this while seated comfortably in front of your own computer.
This innovative solution provides a unique way for job seekers and employers to interact on a virtual level.
Sign up and you'll be able to:
Access job vacancies from wherever you are at a time that suits you
Interact directly with companies through a number of methods including Chat, Video and Skype. Ask questions, introduce yourself to hiring managers, and discuss company-wide employment opportunities
Complete compatibility tests to better match your skills with suitable companies
Contact Us | Resume | Jobs | Career Tools | Advice
2012 Monster - All Rights Reserved
2020 University Avenue, Suite 2000, Montreal, Quebec H3A 2A5
Monster respects your online time and privacy. If you no longer wish to receive Monster emails, please click here and submit your request or call 1-800-MONSTER.
Requests for unsubscribing or for changing preferences can be made by clicking on the link above and may take up to 10 days to take effect.
Questions? Email us directly by visiting http://my.monster.ca/ContactUs.aspx. Please do not reply to this email.
To read the Monster Privacy Commitment, visit http://my.monster.ca/privacy.
This is a marketing message from Monster.ca ©, 2020 University Avenue, Suite 2000, Montreal, Quebec H3A 2A5.
Add monster@e0.monster.com to your address book or safe list to ensure delivery of Monster emails.
If you have any doubt about the authenticity of an email from Monster, simply open a new Web browser, type in: http://www.monster.ca/, log into your Monster account safely and securely and then perform the requested activity.
Campaign_To:
macfrombrampton wrote:
The Malware identified by Clamxav it finds only in Monster Apple Mail. the Monster emails do have links as a copy of the text portion email below shows. I don't know if Email is valid but Clamxav is consistent in identifing this Email as well as other Monster advertising Emails only.
I don't know either. It looks to be OK, but I did find some inconsistencies.
First of all, I check the ClamXav database and can verify that monster.com is one of the protected domains that is checked but monster.ca is not, and as you will see there is one instance of that: "Add monster@e0.monster.com...". Why they would list that when the rest of the domains are all monster.ca is strange to me. I think the fact that it comes from monster.ca and contains a monster.com URL is enough to have marked this as a possible phishing attempt, but it could well be a simple mistake on the message author's part.
I did check out the my.monster.ca web site privacy page and it checks as being OK to Google Safe Browsing and WOT, however there is a TRUSTe icon on that page which comes back with monster.com, not monster.ca. Another oversight?
Since this is simply an invitation to Virtual Job Fair, it seems harmless enough, especially since it occurred in the past. If they were really phishing I would think they would be asking you for a resume and a lot of privacy information to go with it.
Hope this helps.
This malware Heuristic.Phishing.email.SpoofedDomain will prevent a Apple Mail veresion 4.5 used in Snow leopard from delivering sent mail to a destination . The mail will appear to send in Apple Mail but will not be sent. I came to this conclusion on testing this Malware. It appears to be received by a Email sent and read through Apple Mail account and read through Apple mail.
macfrombrampton wrote:
This malware Heuristic.Phishing.email.SpoofedDomain will prevent a Apple Mail veresion 4.5 used in Snow leopard from delivering sent mail to a destination .
This is totally false.
What are your qualifications as a malware tester?
Complete and utter nonsense! It's not malware, it's a possible phishing e-mail. So how exactly did you test it?
I have no qualifications as a Makware tester. But some Emails I have sent through Apple Mail did not show up in Google mail server. Yet Apple Mailshows the email as being sent. When I remove the Heuristic.Phishing.email.SpoofedDomain malware all mail sent through Apple mail appears to be sent to the destination.
Nonsense! First, as has been pointed out to you an uncountable number of times, that is not malware, it is a potential phishing e-mail. Secondly, how did you remove it? By deleting the e-mail message? Surely you don't think that actual malware would be so easy to delete, do you? As to the e-mail problem, some other factor is at play there, not malware.
I say all this not to educate you, which I've completely given up on, but to ensure your nonsense does not cause unnecessary anxiety in others who stumble on this topic.
Describe to me what you think a phishing EMail would perform, as you are not calling it Malware?
macfrombrampton wrote:
Describe to me what you think a phishing EMail would perform
From WikipediA:
Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Describe to me what you think a phishing EMail would perform, as you are not calling it Malware?
A phishing e-mail pretends to be from a legitimate entity, and tries to get you to visit a site that is not legit, but looks very much like the web site of the spoofed entity, in an attempt to get you to enter some personal information, such as your login credentials. There is no malware involved, just a fake link in an e-mail that has been spoofed to look like it comes from someone else.
This has been explained to you numerous times before.
You appear to be confused! Did you not say this is not Malware? From your description this is Malware!
Malware is widely considered to be defined as including computer viruses, worms, trojanhorses, spyware, adware, most rootkits, and other malicious programs. E-mail messages are not any of these things although an attachment could be.
"Heuristic.Phishing.email.SpoofedDomain" Virus
