Web Protection behaviour on different browsers

[da_yoshman 0]

I test an EMOTET Download link and after that i'm not sure if i get all configurations to be protected or missed some configuration in ESET

1. Internet Explorer --> Seems to be protected with the network protection
2. Chrome --> It seems to me that chrome is blocking the download before ESET comes in the game
3. Firefox --> Let me decide to download or open the file. So i try to download the file, but then firefox told me that the file is infected

So after that i'm not sure what will happen to this if chrome and/ or firefox think the file is clean - will then the network protection of ESET come into the ring?

[itman 1,627]

You might want to review this article on how Emotet is spread: https://www.us-cert.gov/ncas/alerts/TA18-201A 

Quote

Emotet is disseminated through malspam (emails containing malicious attachments or links) that uses branding familiar to the recipient; it has even been spread using the MS-ISAC name.

Use an e-mail client and configure it to disable active content and not automatically open e-mail attachments. Also Eset will scan all the incoming e-mail prior to arrival on your hard disk. Or, go to the extreme and configure the e-mail client to only receive e-mail in text format such as I do.

Edited December 20, 2018 by itman

[da_yoshman 0]

Thanks for your reply, but this is not the problem or question at this moment.

There is no .doc in the email, just a link to .doc file and i wonder a little bit about the different behavior of the three different browsers in combination with ESET

[itman 1,627]

3 minutes ago, da_yoshman said:

just a link to .doc file

Out of curiosity, post what the expanded link shows.