After inspecting this "Payment Has Been Remitted Into Your Account" email, we determined that it is malspam. The purpose of this spam campaign is to infect recipients' devices with malware by using a thirty thousand payment remittance notification as a lure. The spam email with the subject
We have inspected the email and discovered that it is fraudulent. It is designed to trick recipients into "signing a document". However, none of the claims in the email are real. The email is used to steal personal information from recipients via a fake website. Such scams are known as phishing.
Our examination of the "Signed Cloud Document" email revealed that it is spam. This message is presented as a notification alerting the user of a received "secured document". Supposedly, accessing this file requires signing in with the recipient's email log-in credentials. Thus, the phishing email
Ceposaco.co[.]in is a rogue page discovered by our researchers during a routine investigation of suspicious websites. Upon inspection, we learned that this webpage promotes browser notification spam and redirects users to different (likely unreliable/hazardous) sites. Pages like ceposaco.co[.]in
During a routine investigative session, our researchers discovered this "Ethereum (ETH) Reward Program" scam. The deceptive webpage claims that users who contribute at least 0.5 ETH will receive twice the amount. It must be emphasized that victims of this scam will not get any return and merely lo
Our analysis of TabGuides has revealed that it is adware that has been flagged as malicious by multiple security vendors. The app can display misleading advertisements to trick users into visiting questionable web pages and taking other actions. Thus, TabGuides should be avoided and removed if a
Our investigation of urcuithla.co[.]in demonstrates that it is a deceptive website designed to trick visitors into granting permission to show notifications. Once allowed, the site abuses this permission to promote scams, untrustworthy pages, apps, etc. For this reason, users should avoid acceptin
WebStatSearch is a browser extension promoted as a tool that provides statistics and other information concerning the currently open website. After analyzing this piece of software, we determine that it is a browser hijacker. It modifies browser settings to promote the odsrchrdr.com fake search en
During our inspection of malware samples uploaded to VirusTotal, we discovered Se7en, a ransomware belonging to the Babuk family. Once executed, Se7en encrypts files, appends the ".se7en" extension to filenames, and creates a ransom note ("How To Restore Your Files.txt"). An example of how files a
We have inspected quizmytab.com and discovered that it is a fake search engine promoted through an extension called QuizMyTab. This extension promotes quizmytab.com by hijacking a web browser. Users should avoid using fake search engines and extensions that function as browser hijackers, and remov