http://dashboard.mearki.com malicious redirection

SOLVED
tantony
Head in the Cloud

http://dashboard.mearki.com malicious redirection

When I try to go to dashboard.mearki.co/m, it takes me to dashboard.mearki.co/m/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=59e3dfd2-41cf-11e9-a407-e65cedabf5ba, and I'm getting alerts from Symantec Endpoint Protection.

 

A high-risk intrusion was detected on Tony Antony Laptop within group Share Group on 3/8/2019 1:24:03 PM.

IPS Alert Name
Web Attack: Malicious Redirection 21

Status
Blocked

Attack Signature
N/A

Targeted Application
N/A

Attacking IP
162.210.196.172

Targeted IP
172.16.2.235

Targeted Port Number
61382

 

1 ACCEPTED SOLUTION
10 REPLIES 10
jdsilva
Kind of a big deal

tantony
Head in the Cloud

Yes, that's the correct URL, but my browser auto completes it to the link on my post.  

jdsilva
Kind of a big deal


@tantony wrote:

Yes, that's the correct URL, but my browser auto completes it to the link on my post.  


Just because your browser is auto-completing it doesn't mean it is right. Mearki.com is not correct. 

tantony
Head in the Cloud

Thanks, so there's nothing to stop it?  My Symantec scan found no viruses.

You probably mistyped it once and now your browser thinks you want to go there every time. Try clearing your browser history.

PhilipDAth
Kind of a big deal
Kind of a big deal

@tantony just to make it clear what @jdsilva  is saying ...

 

You are typing dashboard.mearki.com and you should be typing dashboard.meraki.com.

 

 

There is nothing that can be done to prevent you typing in the wrong URL.

 

 

@CarolineS or @MeredithW can you please edit the original post and remove the links so they can not be clicked on.  You can leave the actual text.  A high profile "property" linking to a malware site will cause that malware site to be promoted in Google and gain greater credibility.  Additionally we don't want other users actually clicking on the link to the malware.

Additionally can you please forward this to your legal department.  The owners of mearki.com are clearly sub-squatters and are using the Meraki trademark to advance their position - and clearly they don't have consent to use that trademark.

MeredithW
Meraki Alumni (Retired)
Meraki Alumni (Retired)

Done, thanks Philip!

Meredith W | Community Manager, Cisco Meraki


Found this helpful? Give me some Kudos! (click on the little up-arrow below) New to the community? Get started here

Thanks. I caught that mistake after a few minutes. I should stop drinking tea before logging into Meraki to slow down my typing :). I also enabled SMS authentication. 

@tantony  What are you mixing with your tea?  We all have made that mistake, thats what makes us human.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels