Defender needs to be udpated

%3CLINGO-SUB%20id%3D%22lingo-sub-2087553%22%20slang%3D%22en-US%22%3EDefender%20needs%20to%20be%20udpated%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2087553%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20did%20a%20typo%20of%20translategoogle.com%20that%20should%20have%20been%20translate.google.com%20and%20for%20some%20reason%2C%20this%20site%20seems%20to%20have%20multiple%20types%20of%20redirects.%20It%20one%20times%20redirects%20t%20o%20a%20site%20that%20has%20a%20unsafe%20website%20that%20is%20blocked.%20But%20there%20is%20more%20redirects%20that%20bypass%20that%20that%20have%20a%20fake%20Microsoft%20webpage%20in%20the%20background%20with%20tons%20of%20warning%20of%20%22Micorsoft%20Defender%22%20and%20tons%20of%20poups%20and%20talking.%20Ahhhh%3C%2FP%3E%3CP%3EDefender%20needs%20to%20be%20updated%20to%20be%20able%20to%20detect%20these.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EShawn%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPS%3A%20Sorry%20was%20in%20a%20rush%20and%20sorry%20for%20typos.%20Also%20sorry%20if%20this%20is%20the%20wrong%20place%20to%20put%20this%20was%20the%20best%20I%20could%20think%20of%3C%2FP%3E%3CDIV%20class%3D%22ms-editor-squiggler%22%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%20class%3D%22ms-editor-squiggler%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2089161%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20needs%20to%20be%20udpated%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2089161%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F432260%22%20target%3D%22_blank%22%3E%40Shawn1710%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20the%20problem%20being%20that%20you%20got%20redirected%20to%20this%20site.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fpshscanning.xyz%2Fmcf%2Findex.php%3Flpkey%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fpshscanning.xyz%2Fmcf%2Findex.php%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20then%20got%20hit%20with%20a%20whole%20lot%20of%20garbage%20about%20being%20infected%20with%20at%20least%205%20viruses.%3C%2FP%3E%3CP%3EDid%20you%20report%20the%20site%3F%26nbsp%3B%20Although%20the%20redirect%20is%20the%20primary%20problem%3C%2FP%3E%3CP%3EI%20saw%20as%20hell%20did%20as%20this%20would%20of%20got%20my%20sons%20for%20sure.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2091311%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20needs%20to%20be%20udpated%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2091311%22%20slang%3D%22en-US%22%3EReport%20it%20as%20unsafe%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ffeedback.smartscreen.microsoft.com%2Ffeedback.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Ffeedback.smartscreen.microsoft.com%2Ffeedback.aspx%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2091326%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20needs%20to%20be%20udpated%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2091326%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F808322%22%20target%3D%22_blank%22%3E%40braedachau%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eredirection%20or%20showing%20fake%20banners%20isn't%20phishing%20in%20its%20core%2C%20but%20if%20they%20try%20to%20get%20you%20download%20something%2C%20and%20if%20it's%20malicious%2C%20Windows%20Defender%20(assuming%20if%20it's%20configured%20correctly%20and%20none%20of%20its%20modules%20turned%20off)%20will%20come%20in%20play%20and%20prevent%20the%20damage.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWindows%20Defender%20is%20pretty%20decent%3C%2FP%3E%3CP%3Ejust%20a%20demo%20of%20someone%20tested%20it%20against%20malware%20(totally%20ignore%20the%20%22maximum%20protection%22%2C%20you%20don't%20need%20any%203rd%20party%20tool%20to%20configure%20it%20for%20maximum%20security%22%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fyoutu.be%2Fep_25HIArXc%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fyoutu.be%2Fep_25HIArXc%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Deleted
Not applicable

Hello,

 

I did a typo of translategoogle.com that should have been translate.google.com and for some reason, this site seems to have multiple types of redirects. It one times redirects t o a site that has a unsafe website that is blocked. But there is more redirects that bypass that that have a fake Microsoft webpage in the background with tons of warning of "Micorsoft Defender" and tons of poups and talking. Ahhhh

Defender needs to be updated to be able to detect these. 

 

Thank you,

 

Shawn

 

PS: Sorry was in a rush and sorry for typos. Also sorry if this is the wrong place to put this was the best I could think of

 
 
15 Replies

@Deleted 

 

So the problem being that you got redirected to this site.

 

https://pshscanning.xyz/mcf/index.php

 

And then got hit with a whole lot of garbage about being infected with at least 5 viruses.

Did you report the site?  Although the redirect is the primary problem

 

I believe you have just discovered a brand new phishing malware site, but I will let you know if my machine sets off a Sentinel or MDATP alert about an hour from now.

 

I sure as hell did as this would of got my sons for sure.

 

@braedachau 

 

redirection or showing fake banners isn't phishing in its core, but if they try to get you download something, and if it's malicious, Windows Defender (assuming if it's configured correctly and none of its modules turned off) will come in play and prevent the damage.

 

Windows Defender is pretty decent

just a demo of someone tested it against malware (totally ignore the "maximum protection", you don't need any 3rd party tool to configure it for maximum security"

https://youtu.be/ep_25HIArXc

 

Use ublock origin to stay safe on the internet from advertisements and malicious links, banners etc.

https://microsoftedge.microsoft.com/addons/detail/odfafepnkmbhccpbejgmiehpchacaeak?source=sfw

you can add custom security filters:
https://filterlists.com/
Thanks for all the cool links and info.
.
Though Norton and other security extensions did block that website since it was phishing.

The thing is that multiple Microsoft Agents and Microsoft Edge Insiders both agree it was a phishing site and to report it.

Well showing banners and stuff fake and asking you to call a number is kinda phishing since people may get convinced.

Yes I do agree that Microsoft Edge defender is the best but not everything is 100 % accurate.

Thanks,

Shawn
Yes I also agree it could be phishing, but I want us to be prepared for the "unknown", every minute someone can setup a phishing site and by the time someone reports that and it gets added to a blacklist, many victims can fall for it.
plus, going through and checking in a blacklist database could potentially slow down the browsing if it's too large and not enough resources are dedicated to it.

pshscanning.xyz | Remove Guide - Malware Cleaner Pro

Just to let you know


This is a very bad site, I really dont' understand why "R3" still certifies this and Google hasnt' done something
Google got their hands full with lots of stuff
They wrote an article about that, pfff
I'm glad I never run into that domain
Yeah, I was just wondering they fixed the voice API's for my Rosetta stone so I was esting it in google translate but I accidently went there. I hope nothing bad happend by defender in windows hasn't warned me yet. Yup, google has a lot of trouble, not evening putting a support button. Well not my problem.
Yeah hopefully
https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site/

Thank you for helping me report this unsafe website, just ot let you know that the url you gave me dosent' work and it only works direclty if press report.

The above link is the one for a guest user or a signed user for your information,

You're wlcome and ahve a greta day :)

Take Care,

Shawn
you're welcome