Bert is ransomware designed to encrypt files and append its extension (".encryptedbybert") to filenames. An example of how the ransomware renames files: it changes "1.jpg" to "1.jpg.encryptedbybert", "2.png" to "2.png.encryptedbybert", etc. Upon encryption, Bert drops a ransom note (".note.txt") c
We have examined sweprotect.co[.]in and concluded that it is an untrustworthy website that displays a misleading message to deceive visitors into allowing it to send notifications. If permitted, sweprotect.co[.]in can show notifications containing fake warnings and similar messages. Thus, users sh
Our review of the email reveals that it is a fraudulent message designed to mislead recipients into believing they have won a large sum of money. Scammers behind these schemes often aim to steal personal information or convince victims to send payments. Such emails should be ignored. This
Our researchers discovered the prokermonantam.co[.]in rogue page while investigating dubious websites. After examining this webpage, we determined that it promotes browser notification spam and redirects users to other (likely unreliable/malicious) sites. The majority of visitors to prokermonanta
After inspecting this "Payment Has Been Remitted Into Your Account" email, we determined that it is malspam. The purpose of this spam campaign is to infect recipients' devices with malware by using a thirty thousand payment remittance notification as a lure. The spam email with the subject
We have inspected the email and discovered that it is fraudulent. It is designed to trick recipients into "signing a document". However, none of the claims in the email are real. The email is used to steal personal information from recipients via a fake website. Such scams are known as phishing.
Our examination of the "Signed Cloud Document" email revealed that it is spam. This message is presented as a notification alerting the user of a received "secured document". Supposedly, accessing this file requires signing in with the recipient's email log-in credentials. Thus, the phishing email
Ceposaco.co[.]in is a rogue page discovered by our researchers during a routine investigation of suspicious websites. Upon inspection, we learned that this webpage promotes browser notification spam and redirects users to different (likely unreliable/hazardous) sites. Pages like ceposaco.co[.]in
During a routine investigative session, our researchers discovered this "Ethereum (ETH) Reward Program" scam. The deceptive webpage claims that users who contribute at least 0.5 ETH will receive twice the amount. It must be emphasized that victims of this scam will not get any return and merely lo
Our analysis of TabGuides has revealed that it is adware that has been flagged as malicious by multiple security vendors. The app can display misleading advertisements to trick users into visiting questionable web pages and taking other actions. Thus, TabGuides should be avoided and removed if a