Our research team discovered the news-hedebe[.]cc rogue page while browsing suspicious websites. This webpage is designed to promote browser notification spam and redirect visitors to different (likely untrustworthy/harmful) sites. News-hedebe[.]cc and similar webpages are most commonly accessed t
After inspecting this "Your Mail Is On Hold" email, we determined that it is spam. It claims that email delivery has been paused, and the recipient can restore it. The phishing site promoted by this campaign targets email account log-in credentials (passwords). The spam email with the subj
Our review of the "Account Update Required" email revealed that it is spam. The message states that recipients' account information must be updated. This spam campaign aims to trick victims into disclosing their email log-in credentials to a phishing website. The spam email with the subjec
Probe-portal.com is a fake search engine – a type of website that cannot provide search results and collects visitor data. It redirects to a legitimate search engine. Typically, sites of this kind are promoted by browser hijackers. Browser hijackers reassign browsers' homepages, default se
Upon examining this "Webmail Login Activity" email, we determined that it is spam. This message is presented as an alert from cPanel concerning suspicious sign-ins. The goal of this phishing campaign is to obtain recipients' email account log-in credentials. The spam email with the subject
We have reviewed the email and determined that it is a phishing message disguised as a security notification from American Express. It is created to appear urgent and important to trick recipients into opening a fake website and entering personal information. This and similar scams should be ignor
Our inspection has revealed that this is a phishing email posing as an urgent notification from the email service provider. Scammers' purpose is to lure recipients into a fake website and steal personal details. Victims of this scam may be unable to access their accounts and encounter additional i
GrokPy is malware that collects system information, escalates privileges, and abuses browser capabilities to carry out its tasks. It also communicates with a command-and-control server throughout the infection process, enabling remote coordination and updates. Notably, the malware integrates CAPTC
Our analysis shows that news-hatoro[.]cc tries to persuade visitors to enable its notifications. If permission is granted, the site can push misleading messages, such as fake warnings or promotional claims, designed to lure users into opening dubious pages. For this reason, news-hatoro[.]cc is unr
Our team has reviewed the email and found that it is a fake message posing as an important notice regarding an unverified login attempt. It is disguised as a message from the recipient's email service provider. The goal is to trick recipients into opening a fake website and entering personal infor