Upon examining the email, we concluded that it is a phishing attempt. It is designed to appear as an urgent notification from the email service provider to trick recipients into opening the included website. The goal is to steal personal information that can be used to gain access to email and pos
We have inspected the email and found that it is disguised as a notification from "Domain Account service provider" and contains a deceptive link. Its purpose is to trick recipients into entering personal information on a fake website. Victims of this scam may experience account hijacking and othe
Our analysis has revealed that this is a phishing email masquerading as a LinkedIn verification message. It claims that recipients have to use the provided link to resolve the issue that supposedly occurred. However, the purpose of this scam is to trick recipients into sharing personal information
We have reviewed the email and discovered that it is disguised as a message from the email service provider. It is designed to steal personal information through the attached file. Falling for this scam email can result in account hijacking. Thus, recipients should ignore this phishing email.
We have examined the malware and concluded that Run is ransomware from the Makop family. Our discovery of the ransomware occurred while analysing samples submitted to VirusTotal. After execution, Run encrypts files and appends the victim's ID, an email address, and its extension (".run") to them.
Our team has inspected the message and found that it is a phishing email presented as a security alert. It includes a link to a fake website and urges recipients to follow the provided instructions as soon as possible to prevent the possible "risks". This scam email should be ignored to avoid acco
Our team has inspected the email and concluded that it is a scam. The message is disguised as a notification from FedEx (a legitimate company providing delivery services) to trick recipients into opening the attached file. The purpose of this fraudulent email is to deliver malware. Thus, it should
Cortizol is ransomware that our team has discovered during an analysis of malware samples uploaded to VirusTotal. Our examination shows that Cortizol encrypts files and modifies their names by appending the victim's ID, an email address, and the ".Cortizol" extension. It also changes the desktop w
We have analysed kimchipump[.]com and kimchiofficial[.]live and found that these are two deceptive websites that promote the same scam, a fraudulent cryptocurrency airdrop. The site is designed to trick visitors into believing they can receive free crypto for participating. However, victims never
Payload is ransomware that we discovered while inspecting malware samples uploaded to VirusTotal. After execution, Payload encrypts files and appends the ".payload" extension to them. For example, it renames "1.jpg" to "1.jpg.payload" and "2.png" to "2.png.payload". The ransomware also provides a