Comments on: USPS ‘Postal Notification’ themed emails lead to malware http://blog.webroot.com/2012/11/06/usps-postal-notification-themed-emails-lead-to-malware/ WEBROOT - INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS Thu, 23 May 2013 07:00:37 +0000 hourly 1 http://wordpress.com/ By: ddanchev http://blog.webroot.com/2012/11/06/usps-postal-notification-themed-emails-lead-to-malware/#comment-83792 Sat, 10 Nov 2012 16:51:41 +0000 http://blog.webroot.com/?p=8521#comment-83792 Hello,

It means that in the exact time that the sample was scanned, 21 scanners didn’t detect it using the standard signatures based detection mechanism.

This is prone to improve over time, as VirusTotal shares samples with antivirus vendors. It doesn’t mean that the behavioral detection — where applicable — would also miss detecting this. This is a metric that VirusTotal does not offer for the time being.

Webroot is intercepting the malicious activity about to be performed by the executable, and is consequently preventing it from taking place.

Thanks,
Dancho

]]> By: JL http://blog.webroot.com/2012/11/06/usps-postal-notification-themed-emails-lead-to-malware/#comment-82449 Wed, 07 Nov 2012 11:41:43 +0000 http://blog.webroot.com/?p=8521#comment-82449 My friend, when you identify the MD5′s “detected by 23 out of 44 antivirus scanners as…” does that mean that 21 antivirus scanners missed the threat, or just that those scanners named the MD5 to a common signature?

How is Webroot fairing on its behavioral analysis if users click these malicious email links? A+?

]]>