Ways to Get Rid of Spam Emails

Fortunately for the users, there are plenty of ways of getting rid of annoying messages. Depending on their number, you can try different practices and find the one that works best for your case. For example, simple reports of a couple of phony emails you’ve got over the last month may be enough to prevent their appearance. Popular email services usually keep an eye on users’ reports and will likely react to reports about the malevolent activity. Still, you may sometimes require a much more harsh approach.

1. Mark as spam

Email services such as Gmail, Yahoo & Outlook have special features for filtering unwanted emails. To do this, you need to mark emails as “spam”, after which they will go to the spam folder and will not disturb you in the common list of emails. If you receive such emails from the same sender in the future, it will automatically be sent to this folder.

How to mark spam in Gmail

Tap on the square next to the email. After that tap the stop sign icon.

How to mark spam in Yahoo! Mail

Tap the box next to the email or on multiple emails. After that tap on the shield icon.

2. Delete spam emails

Spam email at first glance looks harmless. But there are a few nuances that you need to consider. First of all, if you notice that your mailbox is filled with letters from unknown sources, do not click on them. By clicking on these emails, you will inform the attacker that your email is active and will be subject to more spam. The harm is that you will start receiving even more spam emails. Only if you follow links or respond to spam – that’s when you can come across the distribution of malware and other things. The best thing you can do is simply remove spam emails and rid yourself of unnecessary content.

How to delete spam from Gmail

1. Tap on the empty box to check out the message.
2. Tap on the stop sign in the top menu.
3. Tap Report Spam in the dropdown menu.
4. Tap on the “Delete All Spam Messages Now option.”

How to delete spam from Yahoo! Mail

1. Firstly, check the box next to the email.
2. In the above menu tap on the shield.
3. Tap the Report Spam option.
4. Go to the spam folder.
5. Tap the Delete Emails option.

How to delete spam from Microsoft Outlook

1. Tap the email in the inbox area.
2. Tap on the Junk Mail option in the top menu.
3. In the side menu click on the Junk Email tab.
4. To empty the folder click the metal trash can.

3. Keep your email address private

Try to avoid sharing your email on different platforms to avoid receiving spam emails. If you don’t have to share your email address, you better keep it quiet. You can also change your account privacy settings. As in the following examples:

Google Privacy Settings

1. Enter your Google account.
2. Navigate to the Security Checkup option to see the devices, security events and other email addresses and devices connected to your Gmail account.
3. Set up the toggle switches to turn features on or off.
4. Do the same process for the Personal Information and Privacy settings.

Yahoo! Mail privacy settings

1. Log-in to your Yahoo! Mail Account.
2. Click on the gear icon.
3. Click the Account Information option.
4. In the Account Security section, click on the Generate app password option.

Microsoft Outlook privacy settings

1. In the upper-right corner of the screen tap on your account icon.
2. In the menu list, tap My Account.
3. Tap on the Privacy and Security options to change the settings.

4. Use a third-party spam filter

Each mailbox has its spam filter, but working with a third-party filter can provide additional protection. All emails will pass through these two filters. This way, you can provide adequate protection against malware and unwanted content. Finding an anti-spam filter that will work with your service provider is best.

5. Change your email address

If spam still comes to your email address after all the steps above, then the problem is the continuous leak of your personal info, in particular email address. In this case, you need to change your email address. To do this, see the following guide.

1. Register a new account with your current email service.
2. After that, notify your contacts from your new account that you’ve changed email addresses.
3. Go to the Settings section and add the new email address to forward incoming emails from your old account. It is important to specify the emails you want to redirect the messages from. Otherwise, all the spam will appear in the new mailbox as well.

How to add a forwarding address

After you create a new email address, you will be able to receive emails from the old email address. To do this, you need to change your forwarding settings. By redirecting, you will be able to update your contact information in all accounts that are linked to your original account.

1. In the old email account, navigate to the Settings option.
2. Tap the Forwarding and POP/IMAP tab.
3. Enter the new email address in the Add a forwarding address box.
4. Tap “Next” to confirm the process.

Common spam email security threats

In addition to being annoying and time-consuming, spam emails can compromise users’ digital security. Attachments that are attached to spam emails often carry a virus or malware. Here is a list of the most common ones.

Trojan Virus

Trojans are malware disguised as legitimate apps. Get on the user’s PC they can by downloading free apps or come through attachments in email. Trojan installs malicious code, usually spyware or coin miners, via a link attached to an email. Thus, the attacker manages to control the user’s computer, steal data and block many programs. From this point of view, remember that clicking on all composed spam emails is dangerous.

Phishing and vishing

Phishing emails are one of the most common attacks in this case. Since, in letters of this kind, the attacker imitates the messages of legitimate companies and firms, trying to extract the necessary information for him. In the Phishing email, it is suggested to go to the attached link and confirm your data or credit card details. It’s a scheme to steal sensitive data.

Vishing is also used to steal data only through calls. Intruders call users and, during the conversation, extort card numbers, personal data, addresses, insurance numbers, etc. To avoid falling victim to Phishing and Vishing, check the legality of the companies that call or write to you. Also, try to answer only those calls in your phone book.

Zombie Computer Virus

Zombies are a type of malware that can spread via spam email. This program turns the user’s computer into a server through which it sends spam to other users. You won’t be able to see the moment when this malware will be on your computer, but slow PC operation will be the first sign that it is. Moreover, an infected computer can attack web pages. To avoid this, you should not click on the attached links in spam emails.

How to stay free of spam emails?

You can take all the steps mentioned above only if you are a victim of spam mailing. If you only know about it and do not want to face such a problem directly, then take the recommended precautions. Use the spam filters we mentioned earlier. Do not spread your email address on different platforms and sites. Also, try not to click on pop-ups and banners that carry annoying and malicious content. Finally, be careful when visiting untested and unprotected sites, and especially leaving there your main email address. If you need to browse such pages time to time, that will be a great solution to create a separate email address that will take all the potential spam.

The post How to Get Rid of Spam Emails? appeared first on Gridinsoft Blog.

Advanced Window Manager Overview

Advanced Window Manager is an unwanted adware-like program. Despite positioning itself as a useful utility, its main task is to bombard the user with ads. At the same time, the program most often advertises fraudulent or malicious things, putting the user at serious risk. Clicking on the promotions that this Window Manager shows may redirect the user to a rogue website that inadvertently downloads other potentially unwanted software.

Another undeclared feature is collecting information about a user’s Internet activity. This data includes search queries, entered URLs, geodata, and IP addresses, which will then be sold to third parties. Advanced Window Manager is usually distributed as add-on software in bundles of other programs. Since the software is not very stealthy, the user can see the process (or several) in the Task Manager.

Detailed Analysis

Let’s analyze how Advanced Window Manager behaves in the system to understand its true nature. It arrives through the installer, that precedes the original program, and does some basic system check. During installation, the unwanted software extracts the following files to a temporary folder on the system:

C:\Users\Admin/AppData\Local\Temp\7zS4E1438CD\setup_install.exe
C:\Users\Admin/AppData\Local\Temp\7zS4E1438CD\libcurlpp.dll.
C:\Users/Admin/AppData/Local/Temp/7zS4E1438CD/libstdc++-6.dll.
C:\Users\Admin/AppData\Local\Temp\7zS4E1438CD\libcurl.dll.

It also resets some files, including:

%WINDIR%\Microsoft.NET\Framework\v4.0.30319\clr.dll
%WINDIR%\System32\rundll32.exe.
C:\Users\AppData\Local\Temp\7zSC8C4B203\metina_5.exe.
C:\Users\AppData\Local\Temp\7zSC8C4B203\metina_6.exe.

Installation

Once installed, Advanced Window Manager (sample on VirusTotal) starts performing its main task – flooding the user’s system with ads. It checks the following registry value, which is responsible for regionalizing the system to install more “relevant” programs.

\REGISTRY\USER\S-1-5-21-1346565761-3498240568-4147300184-1000\Control Panel\International\Geo\Nation
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IMM\Ime File
\Registry\Machine\Software\Policies\Microsoft\System\DNSclient

After that little check, the malware connects to its command server. In my case, one of the requests that followed the original connection installed an unwanted program called Ultra Media Burner. It most likely depends on the results of the aforementioned geolocation check.

GET http://limesfile.com
GET http://limesfile.com/Ea42LhC7KVL6GEpzgxwW/C_Net_8Rpjkd5GEqRYJq87/UltraMediaBurner.exe
GET http://estrix.xyz/addInstallImpression.php?key=125478824515ADNxu2ccbwe&ip=&oid=139

Additional Checks & Persistence

Being a rather regular sample of adware, Advanced Window Manager performs a series of system checks to determine system’s location. By checking the values of several registry keys, the malware obtains the networking information. It is unlikely that it has any sort of geofence, so this data is mainly needed to target the advertisements correctly.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\InterfaceSpecificParameters\
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\DnsPolicyConfig

After that, the malicious program edits another set of registry keys related to Windows services and drivers. This is where it gains persistence by adding the values that will associate its files with some of the drivers/services in the system.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpKsl9a97d018\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpKslcbc6775c\Parameters

Advertising, Search Redirects and Browser Hijacking

After all the preparations, Advanced Window Manager starts acting as adware or browser hijacker. The most common scenario after installing this kind of software is browser hijacking. PUA changes the homepage and search engine to the one it advertises (usually Bing or Yahoo). It is also common to see a no-name engine like Chromstera as the homepage/search engine. In this case, all queries go through the above service, and the forced change of search engine is effective until the first restart of the browser.

In addition to irrelevant search results, adware fills pages with ads and pop-ups, which makes it very difficult to use. The third aspect of a browser hijacker is collecting telemetry about the user. Although such software does not usually steal passwords or other sensitive information, it redirects all search queries through its server, thereby collecting general analytics about the user.

How To Remove Advanced Window Manager?

To remove Advanced Window Manager, you should use an advanced anti-malware tool. GridinSoft Anti-Malware is a great option. Run a Full scan, wait for it to finish, and follow the prompts.

You may also need to reset your web browsers. To do this, open the Tools tab and select Reset Browser Settings. In addition, I recommend that you enable the Internet security module, which protects against Internet threats. To do this, go to the Protect tab and activate the Internet Security checkbox.

The post Advanced Window Manager appeared first on Gridinsoft Blog.

Chromstera Browser Overview

Chromstera Browser is potentially unwanted software positioned as an alternative web browser. It is built on the Chromium engine but lacks the links required for the Chromium core. Once installed, it floods the user with excessive amounts of promotions. It also changes the homepage and preferred search engines without the user’s consent and also tries to make itself the default browser.

Such daring behavior is not the only unwanted activity. Chromstera casually redirects search queries to other search engines, at times completely unknown ones. Resulting queries contain excessive amounts of search ads. Also, the user’s internet activity in Chromstera, including browsing history and search queries, and some sensitive data, is transferred to the third-party server.

Chromstera has an official website, but bundles are the most popular distribution method for this unwanted software. When you try to download it from the official website, it returns the 404 error. However, freeware and cracked programs may include Chromstera Browser in the bundle. Some users reported that this software appeared on their system after clicking on a banner, meaning that this unwanted program is no stranger to malvertising.

Is Chromstera Safe?

Although Chromstera Browser is not malware, it has deservedly earned the title of unwanted software. This is primarily due to its monetization method, which involves forcibly redirecting all search queries to Yahoo or Bing. In addition, search adverts can lead to dubious or malicious sites.

The answer becomes obvious if you look at the information that the browser collects. Data collection includes search queries, URLs visited, web pages viewed, IP addresses, internet cookies, usernames/passwords, personal information, and credit card numbers. Further, all of this information is usually sold to third parties.

Runtime Tests

Let’s examine Chromstera Browser’s behavior. When I tried to download it from the official website – chromstera[.]com, I got a 404 error and had to download it from somewhere else.

Unlike Google Chrome, Chromstera has a classic installer. After installation, we see the familiar Chrome interface. However, apart from that, Chromstera is trying to be in the system by any means possible. It obsessively offers to pin a shortcut to the taskbar, make itself the default browser, etc. This browser also adds itself to the startup by default, without the user’s consent.

In the settings, the browser offers to use the standard Chromstera search without the possibility of choosing another search provider. However, if you manually add a search service, queries will still go through Bing. This is because the browser developers receive a commission for using the Bing search engine, and are willing to ignore users’ choices for this pay.

Advertising & Unwanted Programs Downloading

The main feature of Chromstera is that it is a source of adverts in the system. Sometime after installation, it starts opening tabs with advertising sites in other browsers, acting as adware. These sites may offer an extension, plugin, or program to install.

Although these programs are positioned as “recommended”, they are useless and sometimes even malicious. Overall, they flood the browsers, protecting themselves from user removal by the “managed by your organization” trick. Same as the subject, they can redirect search queries, causing even more chaos.

Malicious advertising spread by Chromstera

Malicious advertising spread by Chromstera

Malicious advertising spread by Chromstera

Aside from adware functions, Chromstera acts as a loader for other unwanted apps. It particularly installs Universal Browser and Artificius Web that I’ve written about earlier.

How To Remove Chromstera Browser?

You can remove Chromstera Browser using standard Windows tools by going to Settings > Apps and selecting the Chromstera application. However, it is likely not your system’s only potentially unwanted software. To comprehensively remove such unwanted software and its traces, I recommend using GridinSoft Anti-Malware. In addition to removal, it offers real-time protection and an Internet Security module to prevent installation of such software at the download stage.

The post Chromstera Browser appeared first on Gridinsoft Blog.

What is a Wave Browser?

Wave Browser is a web browser developed on Chromium core, an open-source variant of the one used in Chrome. This is the last bit of positive information about them – you can barely find more of them. First thing to notice is the way it is distributed – in software bundles. Such a tactic is considered malicious, as the vast majority of software spread in such a way is unwanted.

For the functionality of this “effective and privacy oriented browser”, there is nothing really unique. Moreover, it barely meets its own promises – none of the modern security practices are present in Wave Browser. What’s worse, its developer is a subsidiary of a well-known riskware developer, Genimous Technology Co Ltd, that aims at collecting user data and gaining profits from traffic redirection.

What is Wrong With the Wave Browser?

All things said in the previous paragraphs should be enough to be suspicious. After installation, this app changes the system settings, setting itself the default web browser and changing the search engine and homepage. In addition, Wave adds itself to autorun; it is set to run in the background after the window is closed.

Another red flag is the installation method. It is often promoted in the form of nasty advertising or installed as recommended software in the bundle along with the other software. Due to these factors, Wave browser falls into a potentially unwanted program (PUP) category. According to the developers, they cooperate with Yahoo and receive a commission from each search. However, the problem is that the search query will be forcibly redirected to Yahoo regardless of the user’s preferences and settings.

Is It Malware?

Potentially unwanted software like this is in the gray zone between legitimate software and malware. All of the above factors, from the distribution to the monetization method, indicate that the browser is untrustworthy. In addition to redirecting search queries, the browser’s primary income source is the display of intrusive ads. They are everywhere, from advertisements in search results to banners on pages.

Besides ads creating inconvenience in web surfing, they also often lead to questionable websites. As a result, the mere attempt to find some regular info may end up with malware downloading. As for more serious risks, it is worth mentioning that Wave Browser can steal confidential information usually stored in the browser, such as cookies.

How to Remove the Wave Browser?

Another sign that this is an unwanted program is its difficulty uninstalling it. You can’t just go to the list of installed programs and uninstall it. Wave browser stays firmly in the system, and to remove it manually, you have to go a long way. Moreover, suppose you did not intentionally install Wave browser, but it is on your system. In that case, it is most likely not the only unwanted software. As I mentioned, such apps are often bundled with other PUAs.

Although Wave browser could be freely distributed in the past, most reputable security tools now mark it as PUP. The situation with removal is the same – previously, to remove this browser, you had to manually delete files in folders on the C drive, registry keys, autorun values, etc. Today, the most effective removal method is to use an anti-malware solution. For example, Gridinsoft Anti-Malware can completely remove the Wave browser. It will find all the “tails” of the browser in fully automatic mode and remove them.

The post Wave Browser appeared first on Gridinsoft Blog.

What is the Yahoo Search Engine?

Yahoo is one of the first search engines that appeared on the Internet. In 1995, it was initially introduced as a search mechanism for cataloging the websites recommended by Yahoo. Further, they applied for a partnership with Inktomi and then Google. That allowed Yahoo to become much more popular. In 2003, they added a full-fledged web crawling service that extended the search results. However, in 2004 Google managed to outpace Yahoo by market share. Now it is just a part of niche services offered by Yahoo.

Besides its 100% benevolent nature, there are cases when users uncover that Yahoo is set as their search engine by force. Changing it to the one you used does not help – it will be switched back to Yahoo almost immediately. Searching with such settings is likely not comfortable because the results differ from what you expect. And the most unpleasant thing is that someone earns money for you with such changes.

How Does That Work?

Seeing your search engine constantly changed to Yahoo means that you have a malicious program on your computer. Such programs are usually identified as browser hijackers. As you can guess from their name, , they take control of your web browser without your allowance. They can change any setting in the infected browser, including the search engine, redirect search queries, open the websites and start the browser whenever it wants. The crooks control all this activity and designate all changes and redirects that malware does.

The exact form of that malware may be different. Most browser hijackers are tiny programs that sit deep on the disk. Throughout the last couple of years, they massively opted for the guise of a browser plugin. That makes the malware implementation much easier, and formally such plugins do not violate any rules – the user allows it to do all these nasty things during the installation.

Is the Yahoo Search in Chrome Dangerous?

There is no direct danger browser hijackers bring to your system. But since it can throw you on the website it wants, you may easily fall victim to phishing or unintentionally trigger the malware downloading. Same-quality crooks often make sites advertised by crooks, so the chance of seeing a legit site after the redirect is pretty low. Scam sites like Pornographic Virus Alert from Microsoft also appear among these redirections.

Besides the possibility of being scammed in such a way, you may also get your personal information stolen. In the cases when malware is spread as a browser hijacker, it asks you to give access to cookie files and browser history. Those two categories are pretty valuable for selling the data to third parties. Besides that, cookies may contain the login credentials in the unciphered form – that is just a gift for cybercriminals.

How Did I Get the Malware?

As I have mentioned before, browser hijackers may have different forms. Web browser plugin, “PC optimiser”, rogue – choose what you want. While all this diversity is hard to compare when you don’t know about the internal things, the externals – exactly how they are distributed- are most likely the same. Crooks who spread hijackers usually try to bait the user into installing the malware under something useful. Usually, such stuff is found on online forums, abandoned sites that were hacked, and advertisements.

Any advertised offers that look too generous or contain statements baiting you to click on them must not be trusted. Only God knows what will happen – redirection, malware downloading, or even throwing you to the exploit page. It is better not to choose at all – I recommend you avoid clicking such things. It is one of the most basic principles of cyber hygiene – don’t ignore it!

Remove Yahoo Search from Chrome

Most modern malware creates enough hitches in your system to make it harder to remove. Browser hijackers are not an exclusion. Users may delete some of the files, leaving the other part untouched. And the virus manages to recover its files using the rest of them. Detecting all malware parts is a thankless job. That’s why I’d advise you to use anti-malware software. Reverting the changes in the web browser is much easier, so I will show you how to reset your Chrome browser.

Anti-malware programs can find all malware parts by checking the paths specified in their code. Therefore, using a well-done antivirus that will detect and wipe all the files of browser hijackers is a perfect way to get rid of the latter. I will recommend GridinSoft Anti-Malware as the program that will 100% complete this task. Download it from our official website.

You can try out the full functionality of GridinSoft Anti-Malware during a 6-day free trial. After the app installation, you will be offered to type your nickname and email address to receive a free trial code. It will arrive right in your email after passing these steps. Without it, you can still scan your devices and reset the browsers but can’t remove the detects.

Reset Your Chrome Browser Settings

• Most of the contemporary browsers have the same reset steps. Chrome is not an exclusion; it is a trendsetter for the rest programs in this class. Go to Settings, and find there the Reset and Clean Up submenu.

• In it, click on the Restore settings to their original defaults. That will call the appearance of the pop-up window.

• In that pop-up window, accept the settings resetting. Then, your browser will be as good as the newly installed.

The post Yahoo Search: How to Remove Yahoo from Chrome? appeared first on Gridinsoft Blog.