๐ I failed with spam detection. What does this do? Do I have to take actions?
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: reddit.com
Hi,
I got an email and was suspicous and called the company. I got the information that the name of the person is a valid employee.
The Mail contained a html document that I opened on the android phone. But this led to some side related to specify browsers.
So now I opened it again on my linux pc in a firefox with default js deactivation. And I saw that I get redirected to a page related to apple.
I opened the html file in texteditor and this is the content: I am not an expert for HTML. Maybe somebody can tell me if I should consider my android phone infected. I did a virusscan there and nothing happened. I also never reached this apple page. So maybe it wasn't working with the firefox for android browser.
[code]
<!DOCTYPE html>
<html class="js windows gecko ff ff72 page-dereferrer themegroup-unifiedmailcomblue iac theme-mailcomblue" id="html-tag" lang="en-US">
<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><link rel="stylesheet" type="text/css" href="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF36C229DFCB913BBD3.css](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF36C229DFCB913BBD3.css)" />
โ
โ
<title id="title">Umleiten</title>
<script type="text/javascript" id="id1">var ClientProperties = { browser : {"os":"windows","engine":"gecko","classes":"windows gecko ff ff72","family":"ff","version":"72.0"}};</script>
<script type="text/javascript" id="phx-namespace">var phx = { vars : {"blankUrl":"https://deref-gmx.com/mail/client/blank","historyCallbackUrl":"./;jsessionid=8D1C6DDC939C0537675F49C311BB8118-n1.bs14a?0-1.IBehaviorListener.0-&redirectUrl=https://stc-0039.one-drive-storage.com/download.php?39JSKDcn_2333238749&historyHash=","performance":{"usecase":{"OPEN_HTML_EDITOR":"mail:html.editor.open","MAILER_INITIALIZED":"nav.mail.folder.inbox"}},"iOSDisplayMailTimeout":500,"useExternalAdServerForBanners":false,"enableStandaloneView":false}};</script>
<meta name="application.version" content="2.127.5"/>
<meta name="[application.host](https://application.host)" content=""/>
<link rel="shortcut icon" href="[//img.ui-portal.de/apps/favicon\_gmx.ico](//img.ui-portal.de/apps/favicon_gmx.ico)" type="image/x-icon"/>
<meta name="viewport" content="user-scalable=0, width=device-width, initial-scale=1.0, maximum-scale=1.0"/>
<meta name="format-detection" content="telephone=no"/>
<meta name="robots" content="noindex, nofollow"/>
โ
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/en/js/language-vEr-81F013E388C8772041E3AD98A25FE2E0.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/en/js/language-vEr-81F013E388C8772041E3AD98A25FE2E0.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/nav-cdn/navigator-common/iac/client/5.2.0/iac.client-5.2.0.min.js](https://s.uicdn.com/nav-cdn/navigator-common/iac/client/5.2.0/iac.client-5.2.0.min.js)"></script>
<link rel="stylesheet" type="text/css" href="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/unified/mailcomblue-vEr-383C54EE0AA0BC58E0AA62EB95689605.css](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/unified/mailcomblue-vEr-383C54EE0AA0BC58E0AA62EB95689605.css)" />
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/head-vEr-B9CF44B28647CA3FE158BAEC06142134.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/head-vEr-B9CF44B28647CA3FE158BAEC06142134.js)"></script>
</head>
<body class="app">
<div class="page" id="id2" data-callback-url="./;jsessionid=8D1C6DDC939C0537675F49C311BB8118-n1.bs14a?0-1.IBehaviorListener.0-page\&redirectUrl=https://stc-0039.one-drive-storage.com/download.php?39JSKDcn\_2333238749">
โ
<div id="blocker"></div>
<div id="system-message" style="display:none">fgfhdrytjdytjftykfugykghkhklkhluyk768676o87</div>
โ
<div class="page-dialog ftd-box">
โ
โ
โ
<div class="ftd-box-content">
<div class="body">
โ
<p>
<span>Sie werden in Kรผrze zu einer Website weitergeleitet, die nicht Teil Ihres E-Mail-Kontos ist. Wenn Sie nicht automatisch in 3 Sekunden umgeleitet werden, </span><a class="text-link" href="[https://stc-0039.one-drive-storage.com/download.php?39JSKDcn\_2333238749](https://stc-0039.one-drive-storage.com/download.php?39JSKDcn_2333238749)">klicken Sie bitte hier</a>
</p>
</div>
</div>
โ
โ
<script type="text/javascript">setTimeout(function() { window.location = 'https://stc-0039.one-drive-storage.com/download.php?39JSKDcn_2333238749'; }, 3000);</script>
โ
โ
</div>
โ
</div>
<div id="id3">
<div class="layer-overlay"></div>
<div id="id4">
</div>
<div id="id5" class="dialog-container js-prevent-submit">
<div class="layer-root" data-webdriver="Dialog:Root:Container">
<div class="layer-container">
<div class="layer-content">
<div class="layer layer-dialog spinner">
<div class="layer-header">
โ
</div>
<div class="layer-body">
<div class="layer-icon"></div>
โ
<div class="widget dialog-text">
<p id="id6"></p>
</div>
โ
โ
</div>
<div class="layer-footer">
โ
</div>
</div>
</div>
</div>
</div>
</div>
<div id="id7">
</div>
<div id="id8">
</div>
<div id="flyoutTopLevel" class="ftd-box stem-west" style="display:none;">
<div class="ftd-box-content">
<div id="id9">
</div>
</div>
<div class="ftd-box-stem"></div>
</div>
โ
</div>
<div id="uploadContainer"></div>
โ
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/---/res/js/wicket-event-jquery-vEr-C3754B973B77810139CEB050DAFE9A6A.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/---/res/js/wicket-event-jquery-vEr-C3754B973B77810139CEB050DAFE9A6A.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/---/res/js/wicket-ajax-jquery-vEr-0609994817998C227219FC6831EDBBCA.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/---/res/js/wicket-ajax-jquery-vEr-0609994817998C227219FC6831EDBBCA.js)"></script>
<script type="text/javascript" id="wicket-ajax-base-url">
/*<![CDATA[*/
Wicket.Ajax.baseUrl="-JN0rwPNus0/dereferrer/?redirectUrl=https://stc-0039.one-drive-storage.com/download.php?39JSKDcn\_2333238749";
/*]]>*/
</script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/core-vEr-D1BFE77119B915381EEF5FED0FFAD836.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/core-vEr-D1BFE77119B915381EEF5FED0FFAD836.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/jqueryui-vEr-DCEE588D7A13EA7BA2C135D5A438BA64.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/jqueryui-vEr-DCEE588D7A13EA7BA2C135D5A438BA64.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/behavior-vEr-821C56B7BA0581A56BEE8572763749DD.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/behavior-vEr-821C56B7BA0581A56BEE8572763749DD.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/baseeditor-vEr-B7B9BD8CB457E2820F1D147D8D6E5D03.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/baseeditor-vEr-B7B9BD8CB457E2820F1D147D8D6E5D03.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/pgp-vEr-B302E30CE8265AF4CCC998056F9E75F1.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/pgp-vEr-B302E30CE8265AF4CCC998056F9E75F1.js)"></script>
<script type="text/javascript" src="[https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/external-vEr-61F65CCBF4FFE1FE7314F9D115A17F19.js](https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/external-vEr-61F65CCBF4FFE1FE7314F9D115A17F19.js)"></script>
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "domready", function(event) {
phx.iac.notify('monitoring_delete_mark', {"id":"nav.mail.folder.inbox"});phx.iac.notify('monitoring_delete_mark', {"id":"mail:html.editor.open"});;
Wicket.Event.publish(Wicket.Event.Topic.AJAX_HANDLERS_BOUND);
;});
/*]]>*/
</script>
<script type="text/javascript" >
/*<![CDATA[*/
Wicket.Event.add(window, "load", function(event) {
phx.statistics.trackPageImpression('dereferrer', {"labels":"{\"standalone\":false}"});;
;});
/*]]>*/
</script>
โ
โ
โ
โ
<img src="[https://iplogger.org/17Fdh7](https://iplogger.org/17Fdh7)" />
</body>
</html>
[/code]
[link] [comments] ...