I received an alert from firstname.lastname@example.org today stating:
“To protect our customers, we work with a number of not-for-profit organisations that gather information about internet connections that appear to be at risk of things like malware infections. On 02 October 2020, one detected that gumblar, a piece of malware, was present on a device using your internet connection.”
How can I get more information about what triggered this detection? What time was it, what URLs were involved, etc.?
I want to know what triggered the alert so I can take the appropriate action on my home network. You must have a log of what network traffic caused the alert? Who do I contact to get more detail or do I need to submit a SAR to obtain this?
This email warning has been mentioned quite a few times. Not once has anyone identified on these forums if it is a scam email or a genuine warning. Why are the mods not reporting back publicly on here? Can anyone help with an answer?
It's more likely they do not know. They will just be passed an IP address from a security company and then they send the letter. They can't see any traffic as ISPs are not allowed to monitor traffic to that level. DPI would be very illegal.
So I'm not sure what you can hope to get from VM.
Scan your device; something on your IP address triggered it.