During our inspection of the REVRAC malware we found that it is ransomware belonging to the Makop family. Upon execution, REVRAC encrypts files (and renames them), changes the desktop wallpaper, and creates a ransom note ("+README-WARNING+.txt"). This ransomware changes filenames by appending the
"Payment Confirmation Advise" is a phishing email. It lures recipients with a payment-themed lure into visiting a phishing site masquerading as an email sign-in page. Victims of this spam campaign can have their email accounts stolen. The spam email with the subject "payment confirmation a
We have reviewed fuel-io.pages[.]dev and found that it is a fake website mimicking the original Fuel site (fuel.network). Scammers behind the fraudulent page aim to deceive individuals into launching a malicious tool that can steal their cryptocurrency. It is highly advisable to avoid sites like t
Our team has inspected the email and concluded that it is a fake notification from an email service provider. Since it contains a link to a deceptive website designed to steal personal information, we classified it as a phishing email. Recipients should not interact with such emails and should del
Our inspection of the "Voice Message" email revealed that it is spam. It is presented as a notification concerning a received voice note. Instead of containing an audio message, the attachments are phishing files targeting email account log-in credentials. The spam email with the subject "
We analyzed minesciling[.]com and found that it is a deceptive website that tries to trick visitors into allowing it to show notifications. If this permission is granted, minesciling[.]com can send fake alerts and similar messages. As a result, this site should be avoided. Minesciling[.]co
After inspecting this "Email Quota Notification" message, we determined that it is spam. It claims that the recipient's inbox storage is close to reaching the limit. With this lure, this phishing email aims to trick recipients into revealing their account log-in credentials (passwords). Th
We have analysed nestritwateme[.]com and discovered that it is a deceptive site designed to manipulate visitors into granting it permission to show notifications. If allowed, nestritwateme[.]com can deliver fake alerts and other misleading content. Therefore, this page should not be trusted.
Our analysis shows that this site (pendle-f[.]finance) mimics the original one (app.pendle.finance) to trick users into connecting their wallets. The purpose of the fake Pendle site is to steal cryptocurrency. Thus, users should not trust it and avoid similar pages. IMPORTANT NOTE: We do not
We have inspected the email and found that it is a scam. It is disguised as a letter from a legitimate entity and is designed to trick recipients into disclosing personal information and (or) transferring money to scammers. This email should not be trusted. This scam email claims to come f