We have determined that this is a phishing attempt designed to look like an automated notification from the mail delivery system. It includes a deceptive link that leads to a fake email account login website. The purpose of this scam is to trick recipients into revealing personal information.
Our team has found that claims-warsonusd1[.]com is a deceptive website mimicking the original War on USD platform, waronusd1.com. The fake site promotes a "rawards program" to lure users into connecting their wallets. If visitors interact with the site, they may have their cryptocurrency holdings
During our inspection, we found that this is a phishing email designed to appear as a notification from the email service provider. The fraudsters behind it seek to trick recipients into believing they must authenticate their accounts via the provided website. Their goal is to steal personal infor
Our analysis shows that bdagreward[.]live is a deceptive website posing as the original BlockDAG site (blockdag.network). The purpose of this site is to trick visitors into believing that they can receive rewards after connecting their wallets. However, no rewards are actually provided, and victim
Our team discovered RedStar while inspecting malware samples uploaded to VirusTotal and concluded that it is ransomware. Once executed, RedStar encrypts files and appends the ".RedStar" extension to files (e.g., it renames "1.jpg" to "1.jpg.RedStar", "2.png" to "2.png.RedStar", etc.). It also prov
We have reviewed the email and concluded that it is a fraudulent message regarding the "renewal of iCloud+ plan". Opening the link in this email directs recipients to various misleading websites that contain affiliate links. Scam emails like this one should be ignored to avoid potential risks.
Our analysis has revealed that Bricks is ransomware from the Proton family. We discovered this ransomware while analysing samples uploaded to VirusTotal. After execution, Bricks encrypts and renames files (by appending an email address and the ".bricks" extension), changes the desktop wallpaper, a
We have inspected the email and determined that it is a phishing attempt disguised as an urgent notification from the email service provider. It contains a link to a fake website designed to steal personal information. The scammers behind this email seek to obtain details that would allow them to
We have examined the page (claim-cherry[.]info) and discovered that it is a copy of the original cherry.fun website. The fraudulent version is very similar to the original one and is designed to trick visitors into connecting their wallets. The purpose of the scam page is to steal cryptocurrency.
We have checked the email and determined that it is presented as a FedEx notification of arrival. However, it is a scam email used to distribute malware. The file attached to the email is malicious and can infect the system once opened. Recipients should not trust this message and avoid opening th