During a routine investigation of untrustworthy websites, our research team discovered the SafeMail PUA (Potentially Unwanted Application). This app is promoted as a tool for checking the validity and reputation of email addresses. However, the promised functionality is not operational. PUAs ofte
Our examination of the email has revealed that it is a phishing attempt. Emails of this kind are usually created to steal personal information from recipients. They are designed to appear important and urgent to trick recipients. This particular scam email is disguised as a security notification.
PrivateBrowsing is promoted as a tool offering secure and anonymous web browsing. Although it is not inherently malicious, it may be distributed through dubious means, like being bundled with unwanted software or hosted on unreliable websites. As a result, we categorize PrivateBrowsing as a potent
Our researchers discovered the vfirewall[.]pro rogue page while investigating suspect websites. After examining this webpage, we learned that it endorses browser notification spam and generates redirects to other (likely unreliable/harmful) sites. Most visitors to vfirewall[.]pro and analogous pa
We have analyzed irlitathal[.]com and concluded that this is a deceptive page designed to obtain permission to show notifications. Once it is allowed to send these notifications, it bombards users with fake warnings and other messages. Therefore, irlitathal[.]com and similar web pages should be av
After examining this "Mailbox Issue Identified" email, we learned that it is spam. It falsely claims that the recipient may experience service interruptions due to an unresolved mailbox error. The goal is to lure victims into visiting a phishing site that targets email log-in credentials (password
Tianrui is a ransomware-type virus discovered by our researchers during a routine inspection of new submissions to the VirusTotal site. This malicious program is identical to other ransomware, including Hush, MoneyIsTime, and Boramae. Ransomware encrypts data and demands payment for the decryption
We have inspected the email and found that it is a typical advance fee (or a similar) scam. Scammers behind it aim to trick recipients into transferring money and (or) disclosing personal information. Typically, such emails promise a large sum of money for "participation". They should be ignored.
EndPoint is ransomware from the Babuk family. Our team discovered it during an inspection of malware samples uploaded to VirusTotal. It encrypts files and appends the ".endpoint" extension to them. For instance, it changes "1.jpg" to "1.jpg.endpoint" and "2.png" to "2.png.endpoint". EndPoint also
After inspecting this "Your Chase Banking Has Been Disabled" email, we determined that it is fake. By alerting the recipient that their Chase account was disabled, this email aims to trick them into disclosing their log-in credentials. It must be emphasized that the information in this phishing m