savingsbit.com

Question

Hi,

I received this message from MalwareBytes that it blocked C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE from accessing savingsbit.com. I went online and did not find anything specific to this website. I ran MS Defender offline & full scan with no results.

Does anyone know what this website, why is Outlook trying to access it, & how to prevent Outlook from trying to access it?

Answer 1

Hi Brian,

Thank you for getting back to me, can you please check your news letter, spam and promotional emails as well to see if there is any email that could have triggered it and check the message source for that open the email, go to File, select Properties and click on Internet headers. Check the browser add‑on that integrates with Outlook, rogue extension injecting web beacons and potentially unwanted program so if Malware blocked this programs you can uninstall this by pressing Win + R then type in appwiz.cpl sort by Install date and uninstall unknown recent items.

Other than this please check as well the browser extension (Chrome, Firefox or Edge) remove coupon apps, “shopping savers,” crypto add‑ons, URL shorteners then reboot and retest.

Best regards,

Marcelo

Answer 2

Hello Brian,

You have reach the community support and I’m here to help, on the Malwarebytes please go to Detection history and find the event. Look at the direction for inbound and outbound, inbound means it’s not Outlook’s fault while outbound means Outlook or another process attempted the connection. Next we need to check the Outlook’s message logs for external content request in outlook go to File, Options and select advanced. Now scroll down to Other, Enable logging and restart the Outlook. Open the email that triggered it and check the log file %temp%\Outlook Logging\OPMLog.log and search for http://savingsbit.com and https://savingsbit.com .

I hope this answer is helpful if you have further questions feel free to reply back

Regards,

Marcelo

Answer 3

It seems that MalwareBytes has blocked Outlook from accessing the website savingsbit.com, which may indicate that the site is flagged as potentially harmful or suspicious. The reason Outlook might be trying to access this site could be related to an add-in, a configuration setting, or an external link within an email that is prompting Outlook to make a connection to that URL.

To prevent Outlook from trying to access this website, you can take the following steps:

1. Check for Add-ins: Open Outlook, go to File > Options > Add-ins, and review the installed add-ins. Disable any that you do not recognize or do not need.
2. Review Email Links: If you have received any emails that contain links to savingsbit.com, avoid clicking on them and consider deleting those emails.
3. Modify Security Settings: You can adjust your security settings in Outlook to limit external content. Go to File > Options > Trust Center > Trust Center Settings > Automatic Download, and check the options to prevent automatic downloading of pictures or other content from the internet.
4. Use Malware Protection: Continue to use MalwareBytes and Microsoft Defender to monitor for any suspicious activity and ensure your system is protected.

If the issue persists, consider reaching out to your IT department or a professional for further assistance.

---

References:

• Event ID 1014 when users try to connect to their Exchange Online mailbox