While investigating suspicious sites, our researchers discovered the "Online Internet Banking Security Center" technical support scam. It imitates the Microsoft website that warns visitors of a major security breach threatening their personal and banking information. Schemes of this kind aim to d
PXRECVOWEIWOEI (also known as 0bj3ctivity) is malware classified as an information stealer, commonly distributed via email. It specifically targets and extracts various types of sensitive information from infected systems. Victims should remove PXRECVOWEIWOEI from infected systems immediately.
Upon our review, we learned that RankingDomainName behaves as adware by displaying intrusive advertisements. It may also have other functions. Adware like RankingDomainName is often distributed using deceptive strategies to mislead users into downloading it. Removing adware such as RankingDomain
Our review of the ONFIND extension has shown that it operates as a browser hijacker. Upon adding it to a browser, the extension changes its settings to promote findflarex.com. Usually, users get tricked into adding browser hijackers, making these extensions untrustworthy. Thus, ONFIND should be re
While inspecting new file submissions to the VirusTotal website, we discovered the BrowserQuest app. Our examination uncovered that this piece of software is adware from the AdLoad malware group. Advertising-supported software like BrowserQuest is designed to generate revenue for its developers/
EVERSEARCH is a rogue browser extension promising to provide improved search results and an overall better browsing experience. Upon inspection, we determined that this extension is a browser hijacker. It alters browser settings to endorse (via redirects) the finditfasts.com fake search engine.
While investigating a Torrenting website that uses rogue advertising networks, our researchers found a deceptive page promoting an installer containing the Audio Normalizer app. It is classed as a PUA (Potentially Unwanted Application), and as such – Audio Normalizer likely possesses harmful abili
After reading the "Authorization To Claim Funds" email, we determined that it is spam. Recipients of this letter are queried whether the request to transfer their funds is legitimate. It must be stressed that this email is fake and not associated with any legitimate entities. The spam campaign li
Our research team discovered avgs[.]fun while inspecting dubious websites. After reviewing this rogue page, we learned that it promotes scams and spam browser notifications. Additionally, it can redirect users to other (likely untrustworthy/dangerous) sites. Visitors to avgs[.]fun and similar web
We have identified that this email is a deceptive message masquerading as a notification concerning the security of the recipient's NFT account. Email of this type, categorized as phishing scams, are designed by scammers to trick recipients into revealing sensitive information. It is recommended t