Author Topic: Filters not working very well?  (Read 261 times)

Offline louyo

  • Comodo Family Member
  • ***
  • Posts: 95
Filters not working very well?
« on: August 18, 2017, 10:27:44 AM »
I am seeing quite a bit more email getting blocked downstream from Comodo.
"Scanned image from MX-2600N      VBS/Schopets.A"

Used to get 2 or 3 of these a week. Now getting them 1 or 2 a minute.
What happened?

Lou

Offline louyo

  • Comodo Family Member
  • ***
  • Posts: 95
Re: Filters not working very well?
« Reply #1 on: August 19, 2017, 07:39:17 AM »
OK, contacted support and got a quick reply asking for some headers. Sent same and, shortly thereafter, the stuff stopped and went back to normal. Kudos to ASG.
Thank you,
Lou

Offline fatih.orhan

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 153
Re: Filters not working very well?
« Reply #2 on: August 23, 2017, 12:55:09 PM »
I am seeing quite a bit more email getting blocked downstream from Comodo.
"Scanned image from MX-2600N      VBS/Schopets.A"

Used to get 2 or 3 of these a week. Now getting them 1 or 2 a minute.
What happened?

Lou
Lou, that's a phishing campaign spreading Locky Malware. Do you say you get the emails in your inbox? or blocked?

For more info, you can check our weekly Threat Intelligence update video (https://vimeo.com/230189056). IKarus is last week's campaign and Scanned image is this week's, but practically same group, sending same malware. There is also a publication about it:http://mspmentor.net/security/massive-new-locky-variant-ransomware-attack-now-underway

Offline louyo

  • Comodo Family Member
  • ***
  • Posts: 95
Re: Filters not working very well?
« Reply #3 on: August 23, 2017, 02:25:40 PM »
No, these were emails that were caught and blocked downstream. I suspect that something changed when the new server was activated.. After my report to support, things went back to normal. I have 2 more AV services before the mail hits our users.

Lou

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek