Our researchers inspected the Earth browser extension, available on the Chrome Web Store, and found that it has the traits of a browser hijacker. Although it is marketed as a tool for viewing satellite imagery, adding it to the browser changes the default search engine to earthapp.net, a page that
Our researchers tested the Nautilus Notes Chrome extension and found that it has the traits of a browser hijacker. While it presents itself as a sticky-note tool for the new tab page, installing it changes browser settings to promote under-cover.info, an address also pushed by other similar extens
We inspected the PerfecTab browser extension and found that it has the characteristics of a browser hijacker. PerfecTab is promoted as a New Tab replacement with a clock, to-do list, bookmarks, notes, and wallpapers, but once added to a browser it also changes search-related settings to push the u
Our research team discovered recheck[.]co.in while examining dubious websites. After inspecting this page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable or harmful) sites. Most visitors reach recheck[.]co.in through redirects triggered
We have examined this email and determined that it is a phishing scam. It is disguised as an urgent notice from a webmail service provider, falsely warning that the recipient's domain account is about to expire. The goal is to trick users into visiting a fraudulent website where their login creden
We have examined this email and determined that it is a phishing scam. It is disguised as a security notice from the recipient's email service provider, falsely claiming that account settings require immediate review. The goal is to trick recipients into entering their login credentials on a fraud
We have examined this email and determined it is a phishing scam. It impersonates an email service provider, falsely claiming the recipient has messages waiting in quarantine. The goal is to lure users into entering their login credentials on a fraudulent website. This email should be ignored.
We examined this email and determined it is a phishing scam. Disguised as a security alert from a webmail service, it falsely claims that the recipient's recovery email address was changed. Scammers use it to trick recipients into handing over their login credentials on a fake website. Thi
We examined this email and determined it is an advance-fee scam. The message falsely presents itself as a personal communication from a prominent business figure who claims to be running a private global philanthropy initiative offering large cash grants. Recipients who respond will be drawn into
After reviewing this email, we determined that it is a phishing scam. The message poses as an official domain compliance notice, falsely claiming the recipient's domain must be revalidated under ICANN regulations. It is designed to lure recipients into visiting a fake webmail login page where thei