Endpoint Protection

Hello friends from Symantec! Hope everything goes just fine!

A few weeks ago I received some alerts from Microsoft and a couple of accounts were blocked because some kind of suspicious software was triying to send emails in a massive way. When I run the full scan in the infected computers all of them had the same cookie advise like this one: pixel-us-east.rubiconproject.com/exchange/ 

I want to know if someone have seen something like that before or if its dangerous. 

Thank you so much!!

Hi John,

Thanks for the post.  Sounds like the cookie is for ads, nothing to do with a mail account sending out massive amounts of spam.  I recommend making sure that the accounts in question and the computers that they run upon are still under your control.  Change to new, secure passwords and monitor fro future unauthorized activity. 

https://rubiconproject.com/

Hey Mick!

Thanks for your answer! 

Yes, that's exactly what I thought. I found a log in the first scan and I saw the whole direction of that ad.

That was the first thing that I did. I changed the users passwords and make myself sure that the computers files were ok. After that we did not have any trouble. 

In the Office 365 dashboard I create a new rule for prevent that kind of trouble, too.

Thanks a lot for your help Mick! I appreciate 

Thanks Mick!!