Step-by-Step Malware Removal Instructions

Share Your Company Catalog Email Scam
Phishing/Scam

We have scrutinized the email and found that it is written by scammers who attempt to trick recipients into believing they have received a request for a company catalog. Fraudulent emails like this one fall into the category of phishing emails. Usually, the goal is to steal personal information.

SnipBot Malware
Trojan

SnipBot is a variant of the RomCom remote access Trojan (RAT) that allows attackers to execute commands on a victim's system and download additional modules. The new variant employs a custom obfuscation technique along with advanced anti-analysis methods. Threat actors have been observed distributing

Ladsnow.com Ads
Notification Spam

Our examination of ladsnow[.]com has revealed that the purpose of this web page is to deliver shady notifications. However, it cannot send them without user permission. To obtain this permission, ladsnow[.]com utilizes clickbait (a deceptive method). Users should not trust ladsnow[.]com and avoid

Claim Aerodrome Rewards Scam
Phishing/Scam

Our research team discovered this "Claim Aerodrome Rewards" scam, as promoted on distribution-aerodrome-6uo.pages[.]dev (could also be hosted elsewhere), during a routine investigation of suspect sites. This fake platform claims to be distributing various rewards. It operates as a cryptocurrency d

Samples Of The Product Email Scam
Phishing/Scam

After inspecting the "Samples Of The Product" email, we determined that it is spam. It is presented as a potential purchase order. The spam mail entices recipients into visiting a phishing website that targets their email account log-in credentials. It must be stressed that the information in thi

Miwgh.co.in Ads
Notification Spam

Miwgh.co[.]in is a rogue webpage that is designed to promote browser notification spam and redirect visitors to different (likely dubious/malicious) websites. The majority of users access pages like this via redirects caused by sites that utilize rogue advertising networks. Our research team disc

Octo2 Trojan (Android)
Trojan

Octo2 is a new version of the Octo banking Trojan targeting Android users. Compared to the old version, Octo2 includes improved RAT capabilities and anti-analysis and anti-detection techniques. If there is a reason to suspect that a device is infected with Octo2, a scan using a reputable secur

$WSM Airdrop Scam
Phishing/Scam

Our inspection of the site (claim-wallstreetmemes.pages[.]dev) has shown that it is one of the scams involving fraudulent offers to participate in an airdrop (cryptocurrency giveaway). The scammers behind these scams aim to trick individuals into taking actions that can result in huge financial lo

Claim $REZ Scam
Phishing/Scam

While investigating deceptive sites, our researchers discovered the "Claim $REZ" scam. It was endorsed on renzoprotocal.pages[.]dev, but it could be hosted elsewhere. The scheme is presented as an airdrop. However, this "Claim $REZ" page functions as a cryptocurrency drainer. Victims of this scam