"PayPal - You Added A New Address" is an email spam campaign with several message variants. Essentially, these emails are disguised as alerts from PayPal claiming that a new address was added to the account. In some cases, there are mentions of an expensive purchase that the account's owner has no
Our analysis shows that it is a fake email pretending to be a payment confirmation notification from the HSBC bank. The fraudsters behind this scam email aim to trick recipients into disclosing personal information and (or) paying fake fees. Such emails are called phishing attempts. Recipients sho
We have examined networktargetflow.co[.]in and learned that it hosts the "You've Visited Illegal Infected Website" scam and wants to show notifications. Usually, when deceptive websites are allowed to send notifications, they bombard users with misleading ads, fake warnings, and other messages.
Our researchers found Utoaqk App while investigating an installer promoted by the getpremiumapp[.]monster rogue website. This software is a PUA (Potentially Unwanted Application). Most apps within this classification have harmful abilities; Utoaqk App introduces Legion Loader malware into systems
We have analyzed Danger and found that it is ransomware belonging to the GlobeImposter family. Upon execution, Danger encrypts files and appends ".danger" to them. It also creates a file ("HOW_TO_BACK_FILES.html") containing a ransom note. Our discovery of Danger occurred during the inspection of
We have found that sweepoffer[.]info presents deceptive content. Its purpose is to receive permission to show notifications. As a rule, when such a site has permission to deliver notifications, it promotes other dubious web pages, scams, unwanted apps, etc. It is highly advisable not to agree to r
We have examined this scam and concluded that it is a technical support scam. Usually, these scams involve fake warnings or other "urgent" messages designed to deceive users into taking immediate action. Scammers use them to steal money and (or) personal information and sometimes to distribute m
During our examination of thenewsstream[.]site, we found that it uses a misleading method to trick visitors into granting it permission to show notifications. Once this permission is given, thenewsstream[.]site floods users with annoying and unwanted notifications designed to open other shady site
We have examined nocksolanvente[.]com and concluded that the purpose of this web page is to obtain permission to show notifications. It uses clickbait, a misleading technique, to trick users into accepting its notifications. Usually, notifications from pages like nocksolanvente[.]com are deceptive
Rapidreporters[.]site is a rogue page discovered by our researchers during a routine investigation of dubious websites. Upon inspection, we learned that rapidreporters[.]site endorses browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Most visitors