"Philippine Overseas Employment Administration" refers to a spam email campaign disguised as mail from the Philippine Overseas Employment Administration (POEA). The term "spam campaign" defines a large scale operation, during which thousands of deceptive emails are sent. The messages of this spam
When opened/visited, havilizedkj[.]club opens other bogus websites or loads dubious content. There are many websites similar to havilizedkj[.]club on the internet. Some examples are click-to-watch[.]live, bestdealfor21[.]life and cvazirouse[.]com. People do not often visit them intentionally - th
Easy Coupon Finder hijacks browsers by changing certain settings to easycouponfindertab.com (the address of a fake search engine). These apps often track information relating to users' browsing habits. Commonly, people download and install apps such as Easy Coupon Finder inadvertently and, therefo
NHLP is a malicious program belonging to the Dharma ransomware family. Generally, malware of this type is designed to prevent victims from accessing/using their files by encryption, renaming every encrypted file, and displaying and/or creating a ransom message. This particular ransomware renames
Prnds is a malicious program belonging to the Dharma ransomware family. It operates by encrypting the data of infected systems in order to demand ransoms for decryption. During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID assigned t
CoronaCrypt ransomware is designed to encrypt files, modify filenames, display a ransom message and create the "How_To_Restore_Your_Files.txt" text file (another ransom message). It renames files by adding its name, u.contact@aol.com email address, victim's ID, and appending the ".Encrypted" exten
This malware belongs to the Dharma ransomware family. Like most malicious programs of this type, Dtbc is designed to encrypt data, rename encrypted files and provide instructions about how to contact the developers. It renames encrypted files by adding the victim's ID, databack2@protonmail.com ema
Search Pro is a rogue application endorsed as supposedly capable of providing reliable search results, popular search trends and other web-search related features. In fact, this app is categorized as a browser hijacker, due to the modifications it makes to browsers to promote hsearchpro.com (a bog
EmailCheckNow is software classified as a browser hijacker. It is advertised as an easy access tool for email accounts. In fact, EmailCheckNow operates by making modifications to browser settings to promote emailchecknow.com (a fake search engine). Most browser hijackers have data tracking capabi
click-to-watch[.]live is a rogue website sharing many similarities with bestdealfor21.life, cvazirouse.com, esmo.pro, mediamodern.biz and thousands of others. When accessed, these sites present visitors with dubious content and/or redirect them to other dubious/malicious web pages. Few users ente