ProSearch is a browser hijacker discovered during a routine investigative session. When inspecting a Torrenting website that uses rogue advertising networks, our researchers were redirected to a scam page using adult-oriented and video game themed lures. The webpage promoted a malicious installer
After inspecting the "EFT Payment Overview" email, we determined that it is spam. It is presented as a notification concerning a payment. This spam message aims to deceive recipients into providing their email account log-in credentials to a phishing file. The spam email with the subject "
We have reviewed this email and determined it to be a scam disguised as a notice regarding funds that can be released to the recipient. Typically, the goal of scammers behind such schemes is to obtain personal information or extract money from unsuspecting recipients. Emails of this type should be
Our researchers discovered the gamadd[.]com rogue page while browsing suspicious sites. Upon inspection, we determined that gamadd[.]com promotes spam browser notifications and redirects users to different (likely unreliable/dangerous) websites. Most visitors to webpages like gamadd[.]com enter t
After inspecting the "Error Updating The Mail Server" email, we determined that it is spam. The fake letter instructs recipients to manually update their mailbox to avoid service interruptions. This spam mail promotes a phishing website that targets email account log-in credentials (passwords).
During our inspection, we found that heigasic[.]com is not a trustworthy website that uses clickbait to receive permission to show notifications. If allowed, heigasic[.]com can display deceptive notifications. Therefore, users should avoid visiting heigasic[.]com and similar web pages. Hei
While investigating dubious websites, our researchers discovered the gadsfamily[.]com rogue page. It operates by promoting browser notification spam and generating redirects to other (likely untrustworthy/malicious) sites. Users primarily access gadsfamily[.]com and similar webpages via redirects
"Your Invoice Has Been Paid" is a spam email. It promotes a phishing website targeting private information. The scam mail lures recipients into visiting the site by claiming that it is a way to access the payment made to them. The spam email with the subject "#PO-29073EW Payment confirmati
Our team has inspected this email and concluded that it is a phishing attempt. Scammers behind such fraudulent schemes usually aim to trick recipients into sending them personal information. Thus, it is advisable to be careful with such emails to avoid potential negative consequences. This
During a routine examination of malware submitted to VirusTotal, we discovered a ransomware variant named Foxtrot. This ransomware encrypts files, appends the ".foxtrot70" extension to filenames, and generates a ransom note ("How_to_back_files.html"). We also found that Foxtrot belongs to the Medu