Our inspection of the "Undelivered Mail Returned To Sender" email revealed that it is a phishing scam. This spam message claims that multiple emails sent by the recipient have failed delivery. The goal of this spam campaign is to deceive recipients into exposing their email account log-in credenti
After examining this "cPanel - Webmail Update Required" email, we determined that it is fake. This is a phishing message that targets email account log-in credentials (passwords). It must be emphasized that this spam campaign is not associated with the actual cPanel, L.L.C. This spam email
CastleLoader is a piece of malicious software categorized as a loader. This program is designed to download/install additional malware (i.e., cause chain infections). CastleLoader has been around since at least early 2025. It has been observed being used to target governmental entities in the Unit
Our research team found this fake "Hyperliquid Rewards Program" page during a routine investigative session. This scam masquerades as the official website of Hyperliquid (hyperfoundation.org). It operates as a cryptocurrency drainer – by stealing digital assets from exposed cryptowallets. IM
While investigating suspect websites, our researchers discovered this fake "Regent of the North Winds ($REGENT)" page. It closely impersonates the official website of Regent (regentsol.io). Upon examination, we determined that it is a phishing scam targeting cryptowallet log-in credentials.
We have analyzed the website (sparkrewards[.]finance) and found that it imitates the original Spark site (spark.fi) to deceive users. The site is fraudulent and uses a malicious tool to drain wallets (steal crypto funds). It should not be trusted or accessed, as interacting with it can result in p
When browsing suspicious sites, our research team discovered this fake "Jito MEV Rewards" scam. It masquerades as Jito Network's official website (jito.network) and promises rewards to eligible users. This scam aims to deceive users into exposing their digital wallets to a crypto drainer. IM
Our team has examined the email and found that it includes a fake message from LinkedIn to trick recipients into opening a deceptive website. The provided site is designed to steal personal information. Falling for this phishing scam can lead to account hijacking and other issues. Thus, this scam
Our researchers discovered the emilebostily[.]com rogue page during a routine investigation. After inspecting this webpage, we learned that it promotes browser notification spam and produces redirects to other (likely unreliable/hazardous) sites. Most users access emilebostily[.]com and analogous
We have determined that points-soniclabs[.]app is a fake version of the Sonic platform (soniclabs.com) created to deceive users. It operates as a cryptocurrency scam that uses a malicious method to drain funds from victims' wallets. The site is unsafe and should be avoided. IMPORTANT NOTE: W