EE phishing email: scam website taken down

Thanks for the link. I also tried it, but it only seemed to work for about 50% of the test cases I used.

Now that’s interesting Derek ,any chance of giving me one that doesn’t work so I can perform tests ?

Duncan its checks seems to give three outcomes equivalent to yes, no and can’t tell. Using quite a few real addresses gave the can’t outcome.

I didn’t find any problems with standard email addresses if it goes through an email proxy that throws up errors not just in that checker but in my own checker .
I get emails from Hackread Thunderbird suspects they are scams but any real scamming email addresses came up as scams.
It checks the route out but if its diverted for any reason even legitimate you wont get a right answer .

Derek have a read of this simply put comment on whether an email that’s marked as “possible scam ” might not be.-
https://askleo.com/why-does-thunderbird-think-this-message-might-be-a-scam/
Okay Derek try this more comprehensive checker a check is free for a check but if using in bulk you have to pay at least it will test one of your “dud ” email addresses.-
[URL removed by moderators]

Thanks I’ll try those later when I’m sat at a proper PC.

Thanks Duncan, that second email checker seemed to be more decisive than the first one.

I also rechecked the first one and I think I actually got a false positive from it – i.e. it told me that a made-up false email was real. Of course, I don’t know for sure that the made up email won’t be real, but I do judge that to be very unlikely.

That last one caused my AVG to become agitated, Duncan; wouldn’t let me get to the site without warning me:

We’ve just saved you from an infected website

This URL contains malicious code that could harm your computer.
If you’re willing to risk it, you can turn off your AVG Web Shield to continue.
But we strongly recommend walking away from this one.

Not on my checkers Ian – only 2 main trackers- Google & Yandex not even on Malwarebytes virus /malware shown , its probably Yandex as its Russian.
But I will recheck a bit deeper.

You do know AVG has a history of false positives Ian and you can report them to them
its so bad that a small business organisation tell you to-
https://smallbusiness.chron.com/turn-off-false-positive-avg-69481.html

I have a virus checker in LInux it too gives out false positives even -“Warning ” which turn out to be of no consequence so I have two or more malware checkers .
If you are so sure can you get AVG to display text giving in detail exactly what its bothered about ?

Okay to save any argument I took your posting of the URL and used VIRUS TOTAL which is used by millions round the world —
only TWO out of THIRTY THREE thought it was phishing –
https://www.virustotal.com/gui/url/8be7ad74194c98b681167295405a2d939068ef6b4d9878e60e709ea8dae10a8d/detection
See what I am getting at ? even my own Malwarebytes which is a good one shows it as clean – Emsisoft-ESET-Phishtank-Spam 404-etc etc etc — now whose advice do you take – two out of 33 or all those major ones ?

It is always better to be safe than sorry when dealing with posted Web links.

Yes Derek but its my reputation that’s on the line here– why doesn’t Ian ask Virus Total why they don’t use AVG in their long list ?
I know the reason –“unreliable ” its well known throughout the web.

AVG was fairly specific, Duncan: “This URL contains malicious code that could harm your computer.” Now, it could be fine – but this is for a Mac, so could be Mac specific.

The thing is that this is the first alert I’ve had in months, so AVG rarely flags anything up. When it does, are you saying I should ignore it?

I’ve now tried it on two other browsers, and all three are blocking it. It would seem that the code on the site is designed to infect com.apple.webkit/networking on the Mac.

Ian forget my reputation Virus Total tests it on various platforms and they don’t (unless you take a Russian one + another ) as “proof” out of the other 33 virus companies some really big names and good reputation,say its phishing or even malware , never the less although I don’t have a Mac system I will check to make sure it applies to Mac ,it certainly does to Windows & Linux , I will get back shortly.

Indeed, and this paragraph seems to suggest I was wise not to follow the link:

“A report by Malwarebytes in March 2018 suggested that Mac malware grew by 270 percent in 2017. The same company reported that it had already seen an increase in Mac malware in 2019, with 16 million instances recorded in April – which is four times more than the previous record.”

Total virus itself shows four engines describing the URL as malicious, one of which was Google Safebrowsing.

However, I may have got to the bottom of things. The link you posted was for email-checkers . . com whereas the email checking service is actually https://www.email-checker.com

It appears that some dubious individuals have created a site that looks like the real thing but where the URL has an ‘s’ on the end and then embedded malicious code inside. They’re depending, I suspect, on people not being too careful when they copy URLs.

On the plus side it seems AVG was right.

Ian I rechecked on Virus Total with – my 21November post using the exact same URL and got the same result .
Okay I missed Google but that still is only 4 out of that long list of 70 (top left hand corner ) including the very well known –Bit Defender-Avira-Emsisoft ( high quality company ) -Comodo ( which issues safety certificates for websites ) -Spamhaus ( used by big business ) -EST-G-Data etc etc .
What I will do is use my Yandex email service which has strong virus control and input that to the website to see if any malware gets sent to me at least I will be able to check its routing .
I found that email-checkers.com is the public front of -mailcheck.co which does add in the www , there is link on that webpage to take you too it so its not a phishing website set up to catch people but just a front for mailcheck , if it was phishing then there would be no link to it unless you think that the actions of input are being transferred to mailcheck which that I will agree with , maybe devious but not malware.
Mailcheck gets the all clear so it looks like its methods of business aren’t too kosher shall we say ?

So all the characteristics of a spam email, in fact?

Indeed.

Also, many of the page options just seem to link back to the home page – or at least they do when viewing the page as user Guest on a Chromebook.

Sometimes, there are mitigating circumstances for poor English on a web page or in an app. For example, the authors might be acknowledged world experts in a given field, but might not use English as their native language.