Where to submit potential malware in email for submission?

Discussion in 'other anti-malware software' started by acr1965, Jan 18, 2020.

  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I have received an email which appears to have a picture (html?) that is an active link to some sort of malware. Someone at work received it and forwarded it to me to see what it leads to for testing or analysis purposes. I can forward the email but it contains somewhat sensitive email addresses as it was forwarded from a batch of email addresses in a book. Any ideas? Please PM if needed. Thanks
     
  2. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    It is usually just best to delete it. Don't open it. Don't forward it. More than likely, if truly malicious, the bad guy spoofed any identifying information anyway so any tracing back would lead to a dead end.

    Beyond that, there are methods to send suspected emails to Microsoft, Symantec/Norton, McAfee and the others, but these methods typically are to be used when the suspected email successfully made it past their filters and scanners. For example, this article tells Office 365 and Exchange Online Protection customers how to submit those emails that made past those Microsoft filters. McAfee has similar guidelines for suspected spam or phishing samples that made it past McAfee security products.

    So what really should happen is that "someone at work" should have forwarded it to their IT people, not you.

    Oh, and normally links don't "go to" malware. Typically malicious links "contain" malware, or they send you to a phishing site or something similar.
     
  3. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    It was actually a fairly simple question, not something that necessarily needed a sermon for a response. But thanks anyway.
     
  4. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,858
    i use mailwasher and when marked as spam then its contributed back into the anti spam network. thats all here, i dont care any longer of such mails after deleting it.

    many email provider take care of such spam list, i can see it when exploring my (online) spam folder where mails get sorted while they arrived here in the beginning of their appearance.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    If there is a link to malware in email you can just copy paste link on Virustotal or submit it to other AV vendors for their analysis. You don't need to send whole email if only link leads to suspicious site.
     
  6. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,040
    Location:
    Nebraska, USA
    "Why is the sky blue is simple" question. Does that mean the answer is simple? It was not a sermon. But good to know you are so grateful when someone offers their spare time to help you. :rolleyes:

    I do too. In fact, I'm a MailWasher Pro beta tester. Great program. And I report suspected spam to SpamCop, the FTC, and PhishTank. But the problem in this case is the suspect email was not originally sent to the OP but forwarded to him by a friend/coworker, and therefore, not spam. I don't see where MW will help now. In the future, MWP might help the original recipient but I note MailWasher is a "spam" filter/blocker. The OP asked about an embedded link in an image that goes to malware. That to me is something browser security, email client security and/or their anti-malware solution should address.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.