After examining this "Payment Released" email, we determined that it is spam. This message requests confirmation of the released payment. The spam email aims to lure recipients into visiting a phishing website targeting account log-in credentials. The spam email with the subject "FW: Payme
Our analysis of the site has shown that it is a crypto scam. Scammers created it to deceive individuals into transferring them cryptocurrency. Victims of such scams usually lose their crypto permanently. It is important to examine crypto-related sites before taking action (e.g., connecting a walle
Interlik.co[.]in is a rogue page discovered by our research team during a routine inspection of untrustworthy websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Pages like interlik.co[.]in are m
Our research team found the chobsychontleic.co[.]in rogue page during a routine investigation of dubious websites. It operates by promoting spam browser notifications and redirecting visitors to different (likely untrustworthy/harmful) sites. Most users access pages like chobsychontleic.co[.]in vi
"Claim Fomo" is a scam that impersonates the official website of the fomo application. The imitator page implies an airdrop or something similar. Users who are deceived into connecting their digital wallets to the scam site – inadvertently expose it to a cryptocurrency drainer. IMPORTANT NOT
After examining this "Account Verification Alert" email, we determined that it is spam. This fake message warns the recipient that they will experience email service interruptions or even lose their account if they do not verify it. This phishing campaign targets email account log-in credentials.
Mammon is a malicious program categorized as ransomware, not to be confused with the Makop ransomware of the same name. Malware within this category is designed to encrypt data and demand payment for its decryption. On our test machine, Mammon encrypted files and changed their names. Original fil
Our researchers discovered the Koqlpo Cynav Tool PUA (Potentially Unwanted Application) while inspecting suspicious sites. This app operates as a dropper for the Legion Loader malware. It is noteworthy that installation setups like the one containing Koqlpo Cynav Tool often include multiple pieces
We have inspected the page (claim-4g5.pages[.]dev) and concluded that it is a copy of the original ZORA (zora.co) site. The fake website offers users the chance to claim $ZORA tokens as a lure. Its purpose is to trick individuals into taking actions that can lead to the theft of their cryptocurren
Our analysis of flyforads[.]top shows that the site uses a clickbait technique to convince users to allow it to send notifications. After permission is granted, it floods users with deceptive messages that can lead to untrustworthy websites. For this reason, users should avoid granting flyforads[.