Our examination of the "Nedbank - New Debit Order Notification" email revealed that it is fake. This spam message informs the recipient of a new monthly debit order made to the recipient's Nedbank account. It must be emphasized that the information in this email is false, and this mail is not ass
Lamia Loader is a ransomware-type program. This piece of malicious software is designed to encrypt the victim's files and demand payment for their decryption. After we executed a sample of this malware on our test machine, it encrypted files and added a ".enc.LamiaLoader" extension to their names
After examining this "Coinbase Device Registration" email, we determined that it is fake. This spam email is presented as a notification from Coinbase regarding a suspicious account sign-in. The goal of this spam campaign is to trick recipients into calling a fraudulent support line, thereby entan
Our inspection of the "Check Failed Messages" email revealed that it is spam. This is a phishing message that targets email account log-in credentials (passwords) by claiming that the recipient has multiple emails pending in quarantine. The spam email with the subject "[recipient's_email_a
RatOn is a piece of malicious software that targets Android devices. It is classified as a Remote Access Trojan (RAT). RatOn has been around since at least the summer of 2025. This trojan is capable of controlling devices remotely, performing automated money transfers and NFC relay attacks, steal
ACR is a stealer-type malware with multiple versions, including a rebrand variant known as Amatera. ACR targets a variety of sensitive data, such as passwords and cryptocurrency wallets. This stealer is offered as MaaS (Malware-as-a-Service) and has been used in multiple large-scale campaigns.
Imagesearcherpro.com is a fake search engine that our research team discovered while analyzing the Image Search Pro browser hijacker. This website type cannot provide search results and redirects to legitimate search engines. They are usually promoted (via redirects) by browser hijackers. It is no
While investigating suspicious sites, our researchers found this fake "Uniswap" webpage (nextlevel[.]limited; potentially other domains). This page impersonates Uniswap, yet is in no way associated with this decentralized exchange. The scam aims to deceive users into exposing their cryptowallets t
Our research team discovered this fake "$IBVM" airdrop during a routine investigation. It masquerades as the official website of IBVM (ibvm.io). The scam tricks users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent airdrop is not associat
Our examination of the "Confirm Your Identity" email revealed that it is spam. The message states that unless the recipient verifies their identity, they will experience email service interruptions. The purpose of this scam mail is to lure recipients into providing their email log-in credentials t