Our researchers discovered the blockspanlink[.]com rogue page while investigating suspicious websites. Upon examination, we learned that this webpage endorses browser notification spam and generates redirects to other (likely unreliable/harmful) sites. Most visitors to blockspanlink.com and simil
While inspecting untrustworthy sites, our researchers found this fake "Aster" airdrop. This scam is designed to lure users into exposing their cryptocurrency wallets to a crypto drainer. It must be emphasized that this bogus airdrop is not associated with the real Aster exchange. IMPORTANT N
After reviewing this "WeTransfer - Received Transfer Expired" email, we determined that it is a phishing scam. This message states that the file transfer sent to the recipient has expired, but they can still recover it. The goal of this campaign is to deceive recipients into revealing their email
After inspecting this "System Has Flagged Messages Due To Security Violations" email, we determined that it is spam. It states that three emails were not delivered to the recipient's inbox and are quarantined. The goal is to deceive users into revealing their account log-in credentials to a phishi
LockBit 5.0 is the newest LockBit ransomware. Upon execution, it encrypts files, appends a random extension to filenames (e.g., ".db9785905a3cad2c"), and creates a ransom note ("ReadMeForDecrypt.txt"). An example of how files encrypted by LockBit 5.0 are renamed: "1.jpg" is changed to "1.jpg.db978
"ACH-EFT Processing Documents Verified" is a spam email informing recipients that their time-sensitive financial documents have been verified and must be reviewed. This message aims to trick recipients into entering their log-in credentials into a phishing website. It must be emphasized that this
Our inspection of the "An IP Conflict Was Detected On Your Account" email revealed that it is spam. It alerts recipients that their email accounts will be restricted and deactivated due to conflicting IP addresses. The aim is to trick victims into disclosing their email account log-in credentials
While examining the site (sol-lncinerator[.]org), we found that it is a copy of the original Sol-Incinerator page (sol-incinerator.com) that is designed to steal cryptocurrency from unsuspecting users. The fake site shares a very similar design to deceive visitors. It should be avoided to prevent
Our analysis shows that this is a scam used to drain wallets. The website (sol.dot-io[.]cc) poses as a legitimate "Solana Airdrop Portal" to trick visitors into taking actions enabling scammers to steal their cryptocurrency. Recognizing such scams is essential to avoid losing funds. IMPORTAN
We have concluded that this is a scam email posing as a notification from the email service provider regarding the delivery of messages. The aim is to steal personal information through a fake website. Such scams are classified as phishing attempts. Recipients should ignore emails of this type to