da_yoshman 0 Posted December 20, 2018 Share Posted December 20, 2018 I test an EMOTET Download link and after that i'm not sure if i get all configurations to be protected or missed some configuration in ESET 1. Internet Explorer --> Seems to be protected with the network protection 2. Chrome --> It seems to me that chrome is blocking the download before ESET comes in the game 3. Firefox --> Let me decide to download or open the file. So i try to download the file, but then firefox told me that the file is infected So after that i'm not sure what will happen to this if chrome and/ or firefox think the file is clean - will then the network protection of ESET come into the ring? Link to comment Share on other sites More sharing options...
itman 1,748 Posted December 20, 2018 Share Posted December 20, 2018 (edited) You might want to review this article on how Emotet is spread: https://www.us-cert.gov/ncas/alerts/TA18-201A Quote Emotet is disseminated through malspam (emails containing malicious attachments or links) that uses branding familiar to the recipient; it has even been spread using the MS-ISAC name. Use an e-mail client and configure it to disable active content and not automatically open e-mail attachments. Also Eset will scan all the incoming e-mail prior to arrival on your hard disk. Or, go to the extreme and configure the e-mail client to only receive e-mail in text format such as I do. Edited December 20, 2018 by itman Link to comment Share on other sites More sharing options...
da_yoshman 0 Posted December 20, 2018 Author Share Posted December 20, 2018 Thanks for your reply, but this is not the problem or question at this moment. There is no .doc in the email, just a link to .doc file and i wonder a little bit about the different behavior of the three different browsers in combination with ESET Link to comment Share on other sites More sharing options...
itman 1,748 Posted December 20, 2018 Share Posted December 20, 2018 3 minutes ago, da_yoshman said: just a link to .doc file Out of curiosity, post what the expanded link shows. Link to comment Share on other sites More sharing options...
Recommended Posts