Solved

Outlook login dialog box pops up on one particular email

Posted on 2009-07-14
7
374 Views
Last Modified: 2013-11-22
the workstation is part of a windows 2003 domain and is located locally to the server. Last week, when the user tried to open an email, she receive a login popup diaglog box asking her to input her login credentials. thinking that it was just a different application so she didnt bother contacting the IT people until today when she opened the email related to the one of last week. The weird thing is that it only pops up on this email. We are suspecting of malware. Can anybody enlighten me on how will i detect/remove this? i tried running Malwarebytes and it found a few and cleaned it. but still the same situation is happening when she opens the message. I appreciate the help. thanks.
0
Comment
Question by:amcurso
  • 3
  • 3
7 Comments
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 250 total points
Comment Utility
Hi,

Since this is the only e-mail which causes a pop-up asking credentials I guess it is the malware asking for credentials ant then it must be sending these credentials and her a-mail info to somewhere. I'll suggest you to save the contents and get it scanned by a malware scanner. You'd better delete it after saving too.

You can use A2 Malware Scanner Free version. It is one of the best available on the market.

http://www.emsisoft.com/en/software/free/

Cheers,
K.
0
 

Author Comment

by:amcurso
Comment Utility
is possible to trace the where is it sending to? i tried viewing the source but its not giving me much to work on. Also, i think the main cause of this on the message is one image (i cant open because outlook is preventing it), when i try to download the image, it prompts and i'll just hit cancel and nothing happens, as if it didnt pop up. in other words, it can be ignored.
0
 
LVL 20

Expert Comment

by:MightySW
Comment Utility
Hi, more than likely there is an attachment from either another email or a forward from another email from a file server share that she doesn't have access to.  Temporarily remove the attachment and try again.  Also check the properties of the attachment.

HTH
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 20

Expert Comment

by:MightySW
Comment Utility
find out where the email is from.  More than likely it is from a resource that doesn't exist or, again, she doesn't have permission for.
0
 

Author Comment

by:amcurso
Comment Utility
thanks btw, for all the response. there is one attachment - A pdf - and its fine. i already tried removing it. its just probably this part of the message when one of the recipient add a link or an image (i doesnt show up) to some internet image that is causing the issue.  

We can Delete this message and forget about it but the sad thing is that we had an issue a month ago where a forwarded message will attach an image of child porn when the recipient in turn forward it to someone. So they will not allow us to go without investigating it fully. hopefully i can give them more assurance/solution to this issue. thanks.
0
 
LVL 20

Assisted Solution

by:MightySW
MightySW earned 250 total points
Comment Utility
So you are saying that there is embedded HTML in the message?

This could definitely be the cause.  Can you see the picture?  Be default, Outlook will not download pictures from external content, but if they are embedded then you could have a problem.  You can right click on the picture and try to save it.  If you forward it to an external account you could accomplish the same thing and not have to render the HTML through your domain restrictions.  

Screen shots always work well if you can see the image.  If you are really talking about a true forensic case then I would leave it alone and not even touch it.  This is something that someone who is specialized in forensics should deal with and the police should be contacted if need be.  Once you tamper with it then the evidence (if you need it to be evidence) is then inadmissible as forensic evidence.  Google special masters, or Kenneth Star when you get a chance.  This is of course if this is a forensic case.  

Honestly in this case, without deleting the message then there is absolutely nothing that you can do unless a special master forensic specialist comes in and investigates the image(s) and where they came from.

Sorry to be such a bummer, but that is absolutely the way it goes.
0
 

Author Comment

by:amcurso
Comment Utility
Thanks. i do agree with you.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
shared Outlook Mailbox Question 6 35
Convert ost to pst 8 68
Macro to Send Appointment from Excel 1 29
Outlook 2010 Archive 3 36
Use email signature images to promote corporate certifications and industry awards.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now