Hi! I use Mailbird as an email client. Bitdefender doesn't flag infected incoming attachments. It does, however, detect them when performing a system scan. How can I have it block incoming infected attachments? Thanks!
Hi @moyperla,
By default, Bitdefender will protect your device if you accidentally click on a malicious email attachment and it will block the threat. But it cannot stop specific emails from arriving in your inbox, if that's what you are asking. Bitdefender's Email Protection feature can detect all types of cyber threats in incoming emails, for example, and you can read more about it here. However, this feature only works with Gmail and Outlook clients and should not be confused with the Antispam feature, and this is an additional layer of protection, on top of the existing security modules.
Now, there's more to this topic. Bitdefender checks in real-time incoming & outgoing e-mails for cyber threats. It can also identify malware in email databases and email archives kept on the disk, but cannot disinfect threats that are already there. When infected items are detected inside Outlook and Thunderbird for example, they usually cannot be cleaned due to the fact that email archives cannot be repacked. At the end of the Bitdefender scan, you will be informed that no action has been taken against the e-mail attachments and asked to pick an action to remove the infection:
Now, you may ask yourself why doesn't Bitdefender actually delete infected emails? There is a risk you could lose the entire .pst file. I can't say much about Mailbird, but I think it works the same as in the case of Outlook, where .pst is a massive database file that contains all your emails and their attachments. Bitdefender has to extract that infected email and attachment and put the database file back together without damaging it. This action is not technically possible and most security solutions abort any attempt as it may irreparably corrupt the .pst file.
If the .pst file were simply deleted, the result would be the loss of all emails going back years and years. Under normal circumstances, Bitdefender would simply move an infected file that cannot be disinfected to quarantine. But that would quarantine the entire email archive, which is not ideal, and the end result is the same – all emails would be missing.
Also, if the email application is open, the scan cannot take any action because the email database is in use.
For all these reasons, the solution is not that simple. As burdensome as it may be to manually search the email subject and delete the infected email/attachment one by one, it is preferable to the prospect of losing all your emails. However, there's a way to safely remove threats detected in e-mail attachments and the procedure is explained in the following article:
https://www.bitdefender.com/consumer/support/answer/2140/
As a best practice, you should always proceed with caution and verify the source of emails before clicking on links or downloading attachments, and be wary of unexpected emails, especially those asking for personal information or urgent action. Naturally, Bitdefender has several security layers that back each other up and provide protection, but perhaps one of the best defenses is prevention.
Regards
Thanks for the very clear explanation, Alexandru! I understand that dealing with the e-mail client archive is impossible and blocking e-mails can potentially become a problem because of false positives. Then, a "heads up!" at the time a malicious file is being downloaded would be nice!
You are most welcome. 😉