Can I click on an element with the result 'no anomalies'?
Legally, we can never guarantee to find really every malware and phishing attack. Nor can airbag manufacturers give you a guarantee that you will survive every accident, although the probability with airbags increases tremendously.
Therefore, let's put it this way: there is always a remaining risk, no matter in which area of life. By using the E-Mail Analyzer, you have already performed a very good technical check. In a second step you should use your common sense: does the whole e-mail make sense at all? If you work in the HR department and receive an application as a PDF, it makes sense. If you work in the accounting department, a speculative application is rather unusual. And the uncle from Nigeria, who wants to give you 1 million EUR if you only open the attachment, is so unrealistic that you should not open an attachment even if it shows 'no anomalies'.
What does the result 'suspicious' mean?
As mentioned earlier, we determine a threat score for each element. Above a certain threshold we report 'suspicious'.
This threat score can be caused by a well-camouflaged malware, but it could also be a harmless file that attracts attention through its behavior. For example, PDFs or documents can download images or data from the Internet. This can be an 'unfortunate' or maybe even intentional embedding, but it could also be malicious code behind it. Therefore, such behavior results in a 'suspicious'.
It is better not to click on such links and files, but to ask the sender (if known) what is inside the file, because your security analysis issues a warning message.
Is an element classified as 'malicious' really dangerous?
Short and sweet: Yes. At least one analysis step has produced this result, for example because the element has already been recorded as malicious by other sources or because our analyses of machine learning and sandbox behavior have revealed a correspondingly high threat score. In any case, keep your hands off these elements, the error rate is very low.