Like most malspam campaigns, this one is sent by cyber criminals who attempt to trick recipients into installing malware. In this particular case, the email is disguised as a message from South African Revenue Service (SARS). The main aim of the cyber criminals responsible is to deceive recipient
DualShot was discovered by S!Ri. This ransomware encrypts and renames files, and displays a ransom message in a pop-up window. DualShot renames encrypted files by appending the ".dsec" extension to filenames. For example, "1.jpg" would be renamed to "1.jpg.dsec", "2.jpg" to "2.jpg.dsec", and so on
"Cuerpo Nacional de Policía" is a scam email disguised as summons given due to an ongoing investigation by the National Police Corps (Cuerpo Nacional de Policía), the national civilian police force of Spain. This scheme employs scare tactics and claims that recipients are suspects in a bank fraud
MessengerHub is advertised as an instant messaging application, which includes a video chat feature. After installation, however, it starts to serve various advertisements. Therefore, MessengerHub is classified as adware. Note that users often download and install adware accidentally and, therefo
Coronavirus is a part of Scarab, a family of ransomware programs. It encrypts files and modifies their filenames, changes the desktop wallpaper and creates other ransom messages in text files, and disables Task Manager. Coronavirus renames files by appending the ".coronavirus" extension. For exam
The QuericsSearch browser hijacker promotes search.querics.net by changing certain browser settings. In this way, the app hijacks browsers to promote a fake search engine. Furthermore, this app adds the "Managed by your organization" feature to Google Chrome browsers and might also be designed to
My Sweeps Tab is a rogue application categorized as a browser hijacker. It operates by making alterations to browser settings to promote hmysweepstab.com (a fake search engine). This app also monitors users' browsing habits. Due to the methods used to distribute My Sweeps Tab, most people downloa
"Windows firewall has blocked some features of this program" is a deceptive pop-up window displayed by untrusted websites. It is disguised as a genuine Windows error message. The purpose of this scam is to trick people into calling a bogus technical support helpline. Trusting this fake alert can
Bomba is malicious software belonging to the Scarab ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all affected flies are appended with the ".bomba" extension. For examp
iMacCleaner is advertised as a software which improves computer performance by cleaning unwanted files and the browser cache, and uninstalling unwanted software. In fact, this app is categorized as a potentially unwanted application (PUA) due to the method that developers use to distribute it: