real phishing attempt?

Hello, I did access this website the past couple of days, but I ran a scan and there were no threats detected. It is a colleague's campaign website, so I would like to tell him that his website is running malware if that is the case.

Thanks in advance!

Tagged:

Comments

  • Scott
    Scott ✭✭✭✭✭
    edited August 2023

    Hi @ryanmcdonaldusa

    I just checked it with Chrome.


    I also checked it with Virus Total, and it came up clean.

    You should submit it as a False Positive, and let Bitdefender Labs sort through it. They are pretty quick at getting to those. @Flexx may also have some insights tomorrow.


    Regards,

    Scott

    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/ Using BD Antivirus Plus along with Glasswire free.

  • Thank you for your feedback!

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    Just checked it with Mozilla Firefox:

    I believe the problem is that the website does not have a valid certificate and that is the reason why Bitdefender blocks the website as phishing, it doesn't mean that the website is running malware.

    Also, the website is blocked by the Online Threat Prevention module, NOT the Advanced Threat Defense module.

    More info can be found here:

    and here:

    Regards.

  • Flexx
    Flexx mod
    edited September 2023

    As per the information over the web:

    The website joebelnome.com is a phishing website. It is not a legitimate website and should not be trusted.

    The website is designed to look like a legitimate website, such as a bank or credit card company. It may even have a similar URL. However, the website is actually controlled by scammers who are trying to steal your personal information, such as your credit card number or login credentials.

    If you see a link to joebelnome.com, do not click on it. If you have already clicked on the link and entered your personal information, contact your bank or credit card company immediately and report the fraud.

    The URL of the website is not a legitimate domain name. The domain name "joebelnome.com" is not registered to a legitimate company.

    The website is not using HTTPS, which is a secure protocol that encrypts data sent between your browser and the website.

    The website has poor grammar and spelling errors. Legitimate websites typically have high-quality content with no errors.

    The website is asking for personal information, such as your credit card number or login credentials. Legitimate websites will never ask for this information unless you initiate the request.


    But as checked under below website, it seems to be safe and detection seems to false negative.

    https://sitecheck.sucuri.net/results/joebelnome.com

    https://www.virustotal.com/gui/url/1e7514c5a3ae3f1c2c47193a6d00a270f64b783e14826d355562f37d43812dcb?nocache=1

    https://www.sslshopper.com/ssl-checker.html#hostname=joebelnome.com

    If you think the website/file is incorrectly blocked by bitdefender you can share the same with malware researchers by filling up the forum in below stated link

    If website/file is indeed incorrectly blocked, detection will be removed in maximum of 72 hours and if the detection still remains after 72 hours, consider the website/ file as malicious by malware researchers and the detection will stay.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)