We have examined this email and determined it is a phishing scam. The message is disguised as a business order inquiry, with a link that appears to lead to legitimate documents but instead opens a fake login page designed to steal email credentials. Recipients should ignore this email to avoid hav
We inspected the Pure Safety browser extension and found it has the traits of a browser hijacker. Once added to a web browser, it changes certain settings to promote pureextension.net, which is a fake search engine. The extension claims to display website safety scores directly in browser search
We inspected this email and found it to be a phishing scam. The message pretends to be a payslip notification sent from an employer's payroll department. Its real goal is to steal email login credentials by directing recipients to a fake webmail page. The email should be ignored. The email
Prinz Eugen is ransomware written in the Go programming language and first publicly documented by ThreatDown; our team also examined samples submitted to VirusTotal. It encrypts files and appends a .prinzeugen extension to every affected filename, making them impossible to open. On our test machi
During our investigation of suspicious websites, we examined tkstio.pages[.]dev and found it promotes a fake cryptocurrency airdrop for $TKST tokens. The site is designed to trick visitors into connecting their cryptocurrency wallets, which activates a drainer that silently moves funds to the scam
We have examined this email and determined it is a phishing scam. The message is disguised as an urgent security notice from the recipient's email service provider, falsely claiming that their password is about to expire. Its goal is to lure recipients into clicking fraudulent links that lead to a
We have examined this email and determined that it is a phishing scam. The message falsely claims that recipients must validate their cryptocurrency wallets to unlock financial benefits and exclusive rewards. Its actual purpose is to lure victims into visiting a fraudulent website and surrendering
We have inspected this email and determined it is a phishing scam. The message is disguised as an official billing notice from Zoho Workplace, falsely claiming the recipient's payment method failed and that services will be suspended unless billing details are updated immediately. This email shoul
During our investigation of suspicious websites, we analyzed ton-keeper.pages[.]dev and found that it promotes a fake Tonkeeper airdrop. The site impersonates the official Tonkeeper wallet platform and is designed to deceive visitors into connecting their wallets, activating a drainer that steals
While investigating suspicious websites, our researchers came across governance-arc[.]com - a page imitating the official Arc blockchain platform. It promotes a fake "Community Rewards Proposal," asking visitors to vote on the timing of the next rewards distribution. The real purpose of this site