Fophothiogle.co[.]in is a rogue page found by our researchers during a routine inspection of suspect websites. After examining this webpage, we determined that it promotes spam browser notifications and produces redirects to different (likely unreliable and/or dangerous) sites. Most visitors to f
"Your Statement Is Available For Review" is malspam. This malicious spam message alerts the recipient of a mandatory document review. The purpose of this email is to trick victims into installing a malicious ScreenConnect installer onto their devices. It must be emphasized that this mail is not as
Our researchers discovered this fake "Noice Rewards" page during a routine investigation. It impersonates the Noice.so website yet bears no association with it. The deceptive webpage claims that poll voters can receive an early TPF allocation. This scam operates as a cryptocurrency drainer – by si
While investigating untrustworthy sites, our research team found this fake "Axelrod Rewards" webpage. It runs a poll that the voters on which will be eligible to receive allocations. The goal is to lure victims into exposing their digital wallets to a crypto drainer. It must be emphasized that thi
After reviewing the site register-mamo[.]info, our team determined that it is a fraudulent copy of the official Mamo (mamobot) website. This deceptive page falsely advertises an early token allocation to trick users into taking actions that ultimately enable scammers to steal their cryptocurrency.
Our team has inspected the site (claim2trade[.]fun) and concluded that it is a copy of the original tradedotfun (trade.fun) website. This deceptive page pretends to host a cryptocurrency airdrop (giveaway). Its goal is to lure unsuspecting individuals into performing actions that allow scammers to
Our analysis has shown that navixzuno.co[.]in uses a deceptive tactic to trick visitors into granting it permission to show notifications. Moreover, if navixzuno.co[.]in obtains this permission, the site misuses it to deliver spam messages, often containing fake warnings and similar content. Overa
Our research team found the worldfreeads[.]top rogue page while browsing suspicious websites. Upon examination, we learned that it promotes browser notification spam and produces redirects to different (likely dubious/harmful) sites. Users primarily access worldfreeads[.]top and similar webpages v
Wers.co[.]in is a rogue page discovered by our researchers during a routine inspection of untrustworthy websites. It operates by endorsing spam browser notifications and redirecting users to other (likely unreliable/hazardous) sites. The majority of visitors to wers.co[.]in and analogous webpages
Adventurer is ransomware that our team discovered during a routine inspection of malware samples submitted to VirusTotal. Upon execution, Adventurer encrypts files and alters their filenames. It also provides a ransom note, "README.TXT". This ransomware appends the victim's ID and the ".adventurer