Jump to content

Eset File Security PDF/Phishing.A.Gen


Recommended Posts

Hi All,

I'm currently trailing Eset File Security for Windows, and it seems to be picking up a lot of my user's PDF files as PDF/Phishing.A.Gen.  It looks like ESET is just flagging them because they've got an embedded link which might lead to a phishing site?

Is it possible to turn off this one single detection?

Thanks,

Matthew

Link to comment
Share on other sites

  • Administrators

Yes, that's correct. PDF files with functional links to phishing are detected as PDF/Phishing.A.Gen. It's not possible to turn off the detection but you can exclude particular files from scanning.

What's the purpose of having PDFs with phishing links deliberately on a machine?

Link to comment
Share on other sites

Thanks for the quick reply.

I have several PDFs that have links in them, which are not phishing links, but which trigger ESET.  For example please see the attached PDFs in a zip file.

I'd prefer not to have to exclude all pdf's by file type.

Matthew

 

Edited by Matthew Kent
Link to comment
Share on other sites

  • Administrators

Upgrades-v2.pdf contains a link to a non-existing domain with phishing. Since it doesn't pose any risk any more, we'll unblock it as well as the link blocked in the other PDFs. In less than 30 minutes the files should not be detected.

In case you come across possible FPs, please report them to samples[at]eset.com.

Link to comment
Share on other sites

Ok I'll continue to submit samples via email.  I suspect that I had so many false positives at first because I scanned for old files and folders from around 2008 so as not to disturb my current users.  I'm now scanning more recent stuff and haven't (yet) had another false positive.

 

Thanks,

Matthew

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...