Saturday, March 10, 2012

What is HTML.Phishing.Bank-485 virus?

Yesterday, I received one email mentioning that my PayPal account should be updated. I suspect that it's not from PayPal itself. So, I decided to send it to my friend to ask what is this. When I sent it, my email is rejected from email server mentioning that my email is infected by HTML.Phishing.Bank-485 virus.

What is HTML.Phishing.Bank-485 virus?

Is it only on that email or it's transformed in my computer as well?What is HTML.Phishing.Bank-485 virus?
The virus is not in your machine, it is strictly contained in the email. The email is HTML formatted and within the HTML code, there's phishing routines embedded in it. Most likely one of the URLs (links) in the email points to a phishing site that asks for your PayPal info. Discard the email (and any attachments if it came with it) and you're done.

Also, for future reference, learn to how to view full headers (depending on your client, it might say "Message Source"). Just because the "from" says "service@paypal.com", doesn't mean it actually originated at PayPal. View the full headers and look for Return-Path, Message-ID, and review the Received headers (especially the one with the HELO statement - that HELO info will contain the actual name and/or IP address of the server that sent the email to your server.. if it doesn't say PayPal, dump it!).

No comments:

Post a Comment