Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    US charges Samourai cryptomixer founders for laundering $100 million

Featured Deal: A one-year Sam's Club membership is only $14 now

Latest Buyer's Guide:    How to setup a VPN on your router: Detailed walkthrough

Generic User Avatar

Strange TIF attachment (Outlook.com)

Started by cmonpclaptop , Feb 17 2024 09:11 PM

  • Please log in to reply
4 replies to this topic

#1 cmonpclaptop

cmonpclaptop

  • Avatar image
  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:11:39 PM

Posted 17 February 2024 - 09:11 PM

So basically, I was on Outlook.com (the website, not the Outlook app) on the Google Chrome browser when I made the dumb mistake of clicking on a sketchy attachment (named exactly "v .tif"). The reason I clicked on it was because I was under the illusion that it would simply preview it in the browser, rather than initiate/attempt a download of that suspicious file. So anyway, I clicked it and a popup immediately came up asking if I wanted to download the file. Obviously, I clicked "Cancel", and after clicking that button, the popup quickly went away but underneath the name of the attachment listed in the email, it said "Downloaded" even though I could not find the file anywhere on my computer even after searching the direct name. And it was not listed in the Incognito (I was using Incognito mode at the time) download history or anywhere at all. And either way, I didn't open the TIF file. And after turning off my internet and running a Malwarebytes Free scan, it says nothing was detected. Should I still be worried? Thank you so much for any help, I truly appreciate it!

 

EDIT: For clarification, I am running macOS Sonoma.


Edited by cmonpclaptop, 17 February 2024 - 09:13 PM.

BC AdBot (Login to Remove)

 

#2 Pkshadow

Pkshadow

  • Avatar image
  • BC Advisor
  • 12,972 posts
  • OFFLINE
    •  
  • Gender:Not Telling
  • Location:On the Brow of the Hill, West Coast, Canada
  • Local time:10:39 PM

Posted 18 February 2024 - 03:55 AM

Hi, ya maybe should as some stuff is in 2 parts.  You may have downloaded the 1st part.

 

Anyway, empty all your browser Cache files, empty Temp Folders and Possibly see about running MBAM in Safe Mode.  What does a scan with Xprotect say ??


" mosquitoes really wake up everyday and choose violence "   — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
 

I-7 ASUS ROG Rampage II Extreme  / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme

#3 cmonpclaptop

cmonpclaptop
  • Topic Starter

  • Avatar image
  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:11:39 PM

Posted 18 February 2024 - 10:18 AM

Hi, ya maybe should as some stuff is in 2 parts.  You may have downloaded the 1st part.

 

Anyway, empty all your browser Cache files, empty Temp Folders and Possibly see about running MBAM in Safe Mode.  What does a scan with Xprotect say ??

 

I cleared all my browser cache files, cookies, etc. and I also emptied my temp folders by deleting everything inside of the ~/Library/Caches/ directory. I scanned with Malwarebytes Free again today and it's still saying no threats detected, even though I scanned in normal mode rather than in safe mode. I honestly can't find any trace of the file when using Finder. Did the file not actually download? Should I still be concerned after doing all of this? Thank you so much for taking time out of your day to help me!


#4 Secret-Squirrel

Secret-Squirrel

  • Avatar image
  • Members
  • 344 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:06:39 AM

Posted 18 February 2024 - 10:36 AM

It's completely normal for Outlook.com to say "Downloaded" for a file even when the download was cancelled and didn't even start.

There's nothing for you to worry about.

#5 greg18

greg18

  • Avatar image
  • Members
  • 1,701 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:10:39 PM

Posted 18 February 2024 - 11:07 AM

Those attachments if a payload are targeting Windows over MacOS. Just the basics of clearing cookies and cache are enough. Trying to use tools geared towards Windows will net zero results
Back to Mac OS


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer Forums
  2. Alternative Operating Systems Support
  3. Mac OS
  4. Privacy Policy
  5. Rules ·