Guest Phil Posted April 28, 2021 Share Posted April 28, 2021 My son clicked today on a link in a month-old phishing email (URL: cateed.org). We rebooted the router and ran ESET scans that were clean. We think the site was malicious at one time, but is now inactive. Questions: Would ESET have blocked the site if it was active and malicious? Would ESET have detected any attempt to download malicious content from that site? Does it make sense that in a month the bad actors moved on from the site and nothing bad happened when we clicked the link because it was inactive? Trying to assess risk here is like trying to prove a negative. Appreciate any help/insight. Link to comment
Administrators Marcos 5,234 Posted April 28, 2021 Administrators Share Posted April 28, 2021 The domain is not blocked by any of the security solutions: https://www.virustotal.com/gui/url/3bb596989090c5d8b24df53fa9bba7e9ad3129427490fbae4a40235002d71709/detection Link to comment
itman 1,741 Posted April 28, 2021 Share Posted April 28, 2021 46 minutes ago, Guest Phil said: Would ESET have blocked the site if it was active and malicious? Would ESET have detected any attempt to download malicious content from that site? Was this e-mail opened in a browser or an e-mail client? Link to comment
Most Valued Members shocked 60 Posted April 28, 2021 Most Valued Members Share Posted April 28, 2021 if the link you mentioned is correct, visiting it returns "server not found" error. if the site was taken down a long time ago, means no webpage exists that could potentially infect a computer. Link to comment
Guest Phil Posted April 28, 2021 Share Posted April 28, 2021 The e-mail was opened in webmail in a browser. Link to comment
Most Valued Members peteyt 396 Posted April 28, 2021 Most Valued Members Share Posted April 28, 2021 Eset blocks dangerous websites via a blacklist, but as Marcos has mentioned VirusTotal shows no AV blocking it. Eset Will also try and block malicious scripts and scan downloads. As the site has nothing on it, it looks like you are safe Link to comment
Guest Phil Posted April 28, 2021 Share Posted April 28, 2021 Many thanks to all who replied! We will consider this a bullet dodged, but will continue to monitor for any abnormalities. Link to comment
Recommended Posts