A month ago or so, when I tried to access the Naville website, my virus-protection software flagged a warning about malware at the site designed to harvest my data. Today I received an e-mail (it was sent to my spam folder) supposedly from a non-profit cybersecurity agency warning me the Naville site was infected with a Trojan that harvested data and suggested I not go to Naville's site and that I change my passwords elsewhere. Is this a real issue, or is it a disinformation campaign to ruin Naville's business? If real, has the issue been resolved? Did anyone else get such a warning in their e-mail? What should customers of Naville do?
I visited their website yesterday for quite a time, browsing their next auction, with no apparent issue, so far Q
Could you send me a message of a screenshot of the email without clicking any of its links? That sounds extremely fishy to me (I work in the cybersecurity industry).
I'd run a free malware program .. Never know what happened, or who spying, on your computer now . Malewarebytes is the best, I know of ..
Good advice - once you've opened an e-mail from an unknown sender (opening and reading the e-mail is harmless, but the links are where the dangers lie), you can click on the upper left (down arrow beside the 'to me' in gmail) for further details about the sender - it looks like this: from:Coin Talk <noreply+feedproxy@google.com>reply-to:Coin Talk <***@gmail.com> to:***@gmail.com date:Sep 24, 2020, 9:49 AMsubject:CoinTalk Update - 19 New Topicsmailed-by:feedburner.bounces.google.comsigned-by:google.comsecurity: Standard encryption (TLS) Learn more:Important according to Google magic. This info can give you a good idea if the sender is legit or a spammer/bot - be safe online!
Which antivirus are you using? It sounds like the data collected from the quarantine is shared with 3rd parties which can then spam you. It would be worth to check the software license agreement and try to remember if you registered the product using your email address
That looks highly suspicious and certainly isn't from any legitimate security company. It's possible that there's been a credential breach which allows your email address to be associated with Naville Numismatics as otherwise it would be very challenging to spot the association. If you wouldn't mind forwarding the original email to my username at gmail.com, I'd like to take a look at the header information to see where it originated. A search through my company's monitoring database hasn't found anything related to Naville but we certainly won't spot everything as the "dark web" is vast.
Either your virus detection software was right and there was malware on Naville's website collecting your data, or their database was compromised. Whether this is a pishing email or not, the fact that they are able to link your email address to Naville's website is a clear warning. You should reset your password on Naville's website (and anywhere else you use the same password) for security reasons. Make sure to choose a random password for Naville that you don't use anywhere else, just in case the breach still exists.
I would suspect that Naville had some database breach of some sort. FWIW they weren't using HTTPs a couple of months ago for their login/registration, which made them quite vulnerable to a lot of attacks (I avoided registering an account and bid through numisbids as a result)
Thanks to the member who forwarded the email on. It is not from a legitimate security company and was instead sent through a common dark web source. Oddly, it's also not a phishing email itself and instead does indeed appear to be just some Good Samaritan monitoring the dark web to notify people of possible data breaches. I've reached out to Naville directly and in the meantime, I would advise everyone to change their password and if you've reused the same password elsewhere, to change those websites as well.