Upon analysing wakeezingnigs[.]com, we determined that it uses a misleading tactic to obtain permission to show notifications. If visitors fall for it, the site can send deceptive warnings and other types of intrusive and unreliable notifications. Interacting with those notifications can expose us
Our research team discovered the untiested[.]com rogue page while browsing dubious websites. After examining this webpage, we learned that it promotes browser notification spam and generates redirects to different (likely untrustworthy/harmful) sites. The majority of visitors to untiested[.]com an
Our researchers discovered this fake "Surge" airdrop while browsing dubious websites. Upon examination, we determined that this giveaway is a scam that is not affiliated with the actual Surge platform. This page operates as a cryptocurrency drainer – by siphoning funds from exposed digital wallets
Our researchers discovered the "MetaMask Identity Verification" phishing scam while browsing suspicious websites. It is presented as a MetaMask page for verifying user identity in order to set up interaction with digital currencies. The goal of this scam is to deceive victims into disclosing priva
Our researchers discovered this fake "Niche Baby ($BABY)" airdrop during a routine investigation. This scam functions as a cryptocurrency drainer – by siphoning funds from exposed digital wallets. It must be emphasized that this deceptive website is not associated with the real Niche Baby. I
We have checked the email and found that it is a phishing attempt. It is disguised as an estate recovery notice to trick recipients into replying. It seems that scammers behind it aim to steal personal information and possibly money from unsuspecting recipients. This fraudulent message should be i
Our analysis reveals that join-tbysol[.]xyz is a fraudulent website that mimics the original Toby site (tobyrobot.com). The fake page lures unsuspecting visitors with a cryptocurrency giveaway. Victims of this scam may have their crypto holdings stolen. Thus, this fake site should be avoided.
Our team has inspected ShadowLock (which we found while inspecting samples on VirusTotal) and concluded that it is ransomware that blocks access to files by encrypting them. It also changes filenames (by appending the ".LOCKEDxX" extension) and provides a ransom note, which is a full-screen image.
Gocenumpy[.]com is a rogue page discovered by our researchers while browsing suspicious sites. Upon examination, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/harmful) websites. Most visitors access gocenumpy[.]com and analogous webpages
Upon inspecting news-huyago[.]com, we concluded that it is a deceptive page because it uses clickbait to obtain permission to show notifications. If visitors allow the site to do so, it can deliver unwanted notifications containing fake warnings, offers, or similar content. Users should not trust