We have examined bidrdtrck[.]com and discovered that the main goal of this web page is to trick visitors into allowing it to show notifications. Like most websites of this type, bidrdtrck[.]com uses clickbait to deceive visitors. It is advisable not to agree to receive notifications from sites lik
We have analyzed this email and found that its purpose is to extract personal information from recipients. This fraudulent letter is disguised as a notification from an email service provider and contains a misleading link. Emails of this type are called phishing emails. Recipients should ignore t
"NEIRO Register" is a scam promoted on register-neirocoin[.]app (note that other domains are likely). It promises rewards for users who register within the next 24 hours, likely in the form of free NEIRO memecoins. This scheme is a crypto drainer that steals cryptocurrency from victims' digital wa
While investigating deceptive websites, our research team found the "Claim $METIS" scam page. This scheme was discovered on decentralized-worlds.pages[.]dev, but it could be hosted elsewhere. It is a fake airdrop supposedly distributing METIS tokens. The scam functions as a cryptocurrency drainer
Our team has examined this email and concluded that it is a phishing email. Scammers use such emails to trick unsuspecting recipients into disclosing personal information. In this particular case, scammers pretend to be a company named NET Registry to extract information from recipients. It is hig
During our inspection of app-methprotocol[.]co, we discovered that it is a fraudulent website designed to trick visitors into taking steps that could lead to financial loss. Such sites often use convincing designs to appear legitimate. The deceptive site in question is disguised as a cryptocurrenc
Ajina (also known as Mamont) is a banking Trojan targeting Android users. It is known for stealing financial information and two-factor authentication (2FA) messages. Ajina is distributed by disguising it as legitimate banking and other apps. Cybercriminals behind Ajina have been observed targetin
While browsing suspicious websites, our researchers discovered the stonecoremason[.]top rogue page. It promotes browser notification spam and redirects visitors to other (likely dubious/malicious) sites. Users most commonly enter webpages like stonecoremason[.]top via redirects caused by websites
After inspecting the "Someone Used Your Webmail Password" email, we determined that it is spam. This mail is promoting a phishing scam that targets email log-in credentials by claiming that an unrecognized sign-in attempt was blocked. The spam email with the subject "Mailbox Unusual Sign-i
While inspecting a deceptive download page, our researchers discovered a rogue installer carrying the GxuApp PUA (Potentially Unwanted Application). Programs within this category typically possess harmful functionalities. PUAs are often bundled with other suspicious software, and the GxuApp insta