VirusHTML/Phish!tr
Analysis
HTML/Phish!tr is a detection for HTML codes that redirect the web browser to a phishing web site.
This detection is not limited to in wild spear/attack/spam phishing campaign some samples may include as part of third party pen testers using spam campaign as one of their internal tools.
- Below are some of the sample illustration on how these Phishing scheme may look like:
- Figure 1: Scam Phishing hosted over google docs.
- Figure 2: WhatsApp phishing embedded on some Phishing Mails.
- Figure 3: Sample Phishing.
- Figure 4: Sample Phishing.
- Figure 5: Phishing.
- Figure 6: American Express Phishing.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| FortiADC | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-06-30 | 92.05492 |
Modified
|
|
| 2023-12-08 | 91.09541 |
Modified
|
|
| 2023-11-06 | 91.08574 |
Modified
|
|
| 2020-04-14 | 76.70200 |
Modified
|
Sig Updated |
| 2019-10-17 | 72.40100 |
Modified
|
Sig Updated |
| 2019-10-15 | 72.34800 |
Modified
|
Sig Updated |
| 2019-08-26 | 71.15400 |
Modified
|
Sig Updated |
| 2019-08-24 | 71.08900 |
Modified
|
Sig Updated |
| 2019-08-23 | 71.08300 |
Modified
|
Sig Updated |
| 2019-08-20 | 71.02600 |
Modified
|
Sig Updated |