Threat Detection Library


Troj/Phish indicates that Sophos has detected a phishing attempt in email attachments or malicious webpages.

Phishing attacks attempt to steal personal and/or financial information from the user when they visit the page. The best-known examples of these are sites that attempt to steal users’ account information (usually, usernames and passwords) for specific sites by imitating (“spoofing”) those sites. One of the most common of this kind of malicious webpage spoofs financial sites and tries to steal the users’ account information, which attackers will then use to steal money from the user. Another common kind of this malicious webpage attempts to steal account information, which attackers will then use to impersonate the account owner on the legitimate site. Frequently this is done in attempts to take over online accounts such as streaming accounts, or important personal sites like email sites that can be used for additional attacks like identity theft. In some cases, the phishing page will redirect to the legitimate organization’s website afterwards, to hide the fact that information has been stolen.

You can find information about phishing attacks on the Sophos Naked Security blog here and from the Sophos X-Ops blog here.


If you believe this detection is incorrect, please report this file to Sophos Support

Send our lab samples for analysis.

Submit a Sample