The following bogus messages are appearing on one of our Sophos Central protected endpoints:
I rebooted the machine and it came back, so it wasn't just resident in memory. I am running a full Sophos scan now, but it looks like it will take hours to finish. I am wondering if anyone knows why Sophos isn't stopping it, and how do I get rid of it? Thanks!
Also the endpoint is fully up to date and is not reporting anything suspicious to the central admin console.
It looks like the Microsoft Edge application is permitted to create toast notifications on your computer. If you'd like to prevent these alerts from coming up, I'd suggest disabling this option. I was able to find the following article which details this a bit further: https://pureinfotech.com/stop-web-notifications-chrome-firefox-edge-windows-11/#block_website_notifications_edge
It looks like the URL in question is "defol[.]club". I've sent in a website reclassification request for this. If you spot something similar in the future I suggest using the following page to submit the request as this page is open to everyone: https://support.sophos.com/support/s/filesubmission?language=en_US
You can check on the website category first by using intelix.sophos.com
Thank you, Qoosh, I appreciate the assistance. We were able to stop the Edge browser from allowing notifications from the offending website. The website for submitting samples is fantastic. I will note the URL for future reference. Thanks again!
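To check which sites an Edge profile has been allowed to send notifications, the permission discussed in this thread, the following added example (not part of the original thread and not Sophos tooling) reads the profile's `Preferences` JSON and lists origins that are not on an approved list. It assumes the Chromium layout `profile.content_settings.exceptions.notifications` with `setting` 1 meaning allow; the sample data, hostnames and allowlist are constructed.

```python
import json
import sys

# Chromium content-setting values as stored in a profile's Preferences file.
ALLOW, BLOCK = 1, 2


def notification_grants(prefs):
    """Return origins whose notification permission is ALLOW, sorted by origin."""
    exceptions = (
        prefs.get("profile", {})
        .get("content_settings", {})
        .get("exceptions", {})
        .get("notifications", {})
    )
    grants = []
    for pattern, entry in exceptions.items():
        if not isinstance(entry, dict) or entry.get("setting") != ALLOW:
            continue
        # Keys look like "https://host:443,*"; keep the primary pattern only.
        origin = pattern.split(",", 1)[0]
        grants.append({"origin": origin, "last_modified": entry.get("last_modified")})
    return sorted(grants, key=lambda g: g["origin"])


def flag_unexpected(grants, allowlist):
    """Origins holding notification permission that are not on the allowlist."""
    return [g["origin"] for g in grants if g["origin"] not in allowlist]


# Constructed sample mimicking the relevant part of a Preferences file.
SAMPLE_PREFS = json.loads("""
{"profile": {"content_settings": {"exceptions": {"notifications": {
  "https://intranet.example:443,*": {"last_modified": "13300000000000000", "setting": 1},
  "https://push-ads.example:443,*": {"last_modified": "13310000000000000", "setting": 1},
  "https://news.example:443,*":     {"last_modified": "13290000000000000", "setting": 2}
}}}}}
""")

APPROVED = {"https://intranet.example:443"}  # constructed allowlist

if __name__ == "__main__":
    # Optional argument: path to a real file, typically
    # %LOCALAPPDATA%\\Microsoft\\Edge\\User Data\\Default\\Preferences
    prefs = SAMPLE_PREFS
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            prefs = json.load(fh)
    for origin in flag_unexpected(notification_grants(prefs), APPROVED):
        print("unexpected notification permission:", origin)
```
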