During our investigation of suspicious websites, we analyzed ton-keeper.pages[.]dev and found that it promotes a fake Tonkeeper airdrop. The site impersonates the official Tonkeeper wallet platform and is designed to deceive visitors into connecting their wallets, activating a drainer that steals
While investigating suspicious websites, our researchers came across governance-arc[.]com - a page imitating the official Arc blockchain platform. It promotes a fake "Community Rewards Proposal," asking visitors to vote on the timing of the next rewards distribution. The real purpose of this site
While investigating dubious websites, our researchers examined etherfi-wc26[.]com and found it to be a fraudulent page impersonating the ether.fi Cash platform. The site promotes a fake World Cup 2026 voting rewards campaign and operates as a cryptocurrency drainer targeting visitors' wallets.
During our investigation of genesispool[.]org, we found that this site promotes a fake Ethereum token airdrop. The page falsely claims to distribute 12.5 million tokens to early community members. In reality, it is a fraudulent website designed to steal cryptocurrency by harvesting wallet recovery
We have examined this email and determined it is a scam. It impersonates a LinkedIn business notification, falsely claiming that a contact has sent a purchase inquiry. The aim is to lure recipients into a credential-harvesting page. This email should be deleted without engaging with any part of it
We have examined this email and determined it is a phishing scam that impersonates cPanel, a widely used web hosting control panel, to convince recipients that their email storage has been exceeded. The goal is to trick users into entering their login credentials on a fake webmail page. This email
Our team inspected this email and determined it is malspam designed to deliver malware. The message is disguised as an Adobe Acrobat Sign notification to trick recipients into clicking a button that leads to a fake website. That site delivers a trojanized installer giving attackers remote access t
We have examined this email and concluded that it is a scam. The message is designed to appear as a business proposal from a bank manager offering to share millions of dollars in unclaimed funds. The scammers seek to trick recipients into engaging with them, after which they will demand escalating
After inspecting this email, we determined that it is malspam. Disguised as a document signing request from DocuSign's Legal Department, the message is designed to trick recipients into downloading and running a malicious file. This email should be ignored and deleted without opening any files ass
We have examined this email and determined that it is a phishing scam. Disguised as an urgent account notice from cPanel Webmail, it falsely claims the recipient's mailbox requires immediate verification to prevent closure. The email is designed to steal email login credentials and should be delet