We have inspected alaskariver[.]top and learned that it uses a method known as clickbait to trick visitors into allowing it to send notifications. When web pages like alaskariver[.]top have permission to show notifications, they typically deliver fake warnings or other messages. Thus, these sites
This "$RUNE Loot Crate Claims" scam (runiverse[.]claims; could be hosted elsewhere) is a cryptocurrency drainer. It lures users with the promise of a chance to receive RUNE tokens. This scheme does not distribute any digital assets – instead, it steals them by siphoning the funds from exposed cryp
While browsing dubious sites, our researchers discovered the "$KINTO TGE Check Allocations" scam (kintodao[.]claims). Instead of distributing digital assets, this scheme operates as a cryptocurrency drainer – i.e., by stealing funds from exposed cryptowallets. It must be emphasized that this fake
While investigating suspect sites, our researchers discovered this fake "$PAWS Token Distribution" page. The scam was promoted on allocate-pawscoin[.]xyz, yet it could be hosted elsewhere. The webpage claims to be distributing tokens – instead, it operates as a cryptocurrency drainer. Essentially
Our researchers discovered the InstantQuest browser hijacker in a rogue installer promoted by a scam page, the latter was found during a routine investigation of untrustworthy websites. This extension modifies browser settings to promote (via redirects) the finditfasts.com fake search engine. It
Our analysis of phuthobsee[.]com has shown that the site is designed to obtain permission to show notifications. It uses a deceptive technique to achieve this. Once allowed, phuthobsee[.]com can deliver notifications created to open potentially malicious websites. Thus, phuthobsee[.]com should be
During our examination of abyssalminer[.]top, we found that this page uses a deceptive method to get permission to show notifications. Once allowed, abyssalminer[.]top delivers fake warnings and other misleading notifications. Users should avoid visiting abyssalminer[.]top and never allow it to se
After inspecting this "Proton.me" email, we determined that it is fake. This spam message claims that several emails were withheld from reaching the recipient's inbox. This campaign lures victims into visiting a phishing website targeting account log-in credentials by enticing them with the suppos
While inspecting dubious websites, our researchers discovered the aroidonline[.]com rogue page. This site promotes browser notification spam; we observed it using several versions of a fake CAPTCHA verification test for this purpose. Additionally, aroidonline[.]com can generate redirects to differ
Our research team found the appspot[.]com rogue page while inspecting suspect websites. After investigating this webpage, we learned that it endorses browser notification spam and redirects users to other (likely dubious/malicious) sites. Most visitors enter pages like appspot[.]com through redire