During our inspection, we found that heigasic[.]com is not a trustworthy website that uses clickbait to receive permission to show notifications. If allowed, heigasic[.]com can display deceptive notifications. Therefore, users should avoid visiting heigasic[.]com and similar web pages. Hei
While investigating dubious websites, our researchers discovered the gadsfamily[.]com rogue page. It operates by promoting browser notification spam and generating redirects to other (likely untrustworthy/malicious) sites. Users primarily access gadsfamily[.]com and similar webpages via redirects
"Your Invoice Has Been Paid" is a spam email. It promotes a phishing website targeting private information. The scam mail lures recipients into visiting the site by claiming that it is a way to access the payment made to them. The spam email with the subject "#PO-29073EW Payment confirmati
Our team has inspected this email and concluded that it is a phishing attempt. Scammers behind such fraudulent schemes usually aim to trick recipients into sending them personal information. Thus, it is advisable to be careful with such emails to avoid potential negative consequences. This
During a routine examination of malware submitted to VirusTotal, we discovered a ransomware variant named Foxtrot. This ransomware encrypts files, appends the ".foxtrot70" extension to filenames, and generates a ransom note ("How_to_back_files.html"). We also found that Foxtrot belongs to the Medu
We have analyzed this email and found that it is a scam email posing as a business opportunity offer. In most cases, the scammers behind such emails aim to extract personal information and (or) money from unsuspecting individuals. It is important to recognize and ignore emails of this kind to avoi
We have examined safe-secure-protect[.]com and found that it is an unreliable website that can (if allowed) show misleading notifications. Pages like safe-secure-protect[.]com often use clickbait or other deceptive tactics to trick visitors into agreeing to receive their notifications. Users shoul
Can stealer is a malicious program designed to extract sensitive information from infected systems. It targets a variety of data but there's a particular focus on log-in credentials (usernames/passwords). According to Can stealer's promotional material, it has anti-analysis capabilities, s
Our researchers discovered the efgrghhindhimi[.]info rogue page during a routine inspection of dubious websites. After examining this webpage, we determined that it promotes spam browser notifications and generates redirects to different (likely unreliable/hazardous) sites. Efgrghhindhimi[.]info
SambaSpy is a remote access Trojan (RAT), a type of malware that cybercriminals often use to steal information and (or) distribute additional malware. Threat actors have been observed distributing SambaSpy via email. Interestingly, they target Italian users only. However, the attackers may broaden