We have examined this email and determined it is a phishing scam that impersonates cPanel, a widely used web hosting control panel, to convince recipients that their email storage has been exceeded. The goal is to trick users into entering their login credentials on a fake webmail page. This email
Our team inspected this email and determined it is malspam designed to deliver malware. The message is disguised as an Adobe Acrobat Sign notification to trick recipients into clicking a button that leads to a fake website. That site delivers a trojanized installer giving attackers remote access t
We have examined this email and concluded that it is a scam. The message is designed to appear as a business proposal from a bank manager offering to share millions of dollars in unclaimed funds. The scammers seek to trick recipients into engaging with them, after which they will demand escalating
After inspecting this email, we determined that it is malspam. Disguised as a document signing request from DocuSign's Legal Department, the message is designed to trick recipients into downloading and running a malicious file. This email should be ignored and deleted without opening any files ass
We have examined this email and determined that it is a phishing scam. Disguised as an urgent account notice from cPanel Webmail, it falsely claims the recipient's mailbox requires immediate verification to prevent closure. The email is designed to steal email login credentials and should be delet
After inspecting this email, we determined that it is a phishing scam. The message is disguised as a FedEx notification about attached shipping labels and documents. It contains an HTML file attachment that, when opened in a browser, displays a fake FedEx login page designed to steal email account
After inspecting this email, we concluded that it is a phishing scam. The message poses as an official notification from DHL Express Commerce, falsely claiming that three documents have been shared with the recipient. It is designed to steal login credentials through a fraudulent website and shoul
Our researchers discovered matrixgrowthforge[.]com while investigating suspicious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Matrixgrowthforge[.]com presents visit
Friends is ransomware our research team identified while examining new malware samples submitted to VirusTotal. It encrypts files on the victim's machine and demands payment for a decryption key. The attackers also claim to have stolen sensitive data and threaten to make it public if the ransom is
Hommy is a ransomware-type program that we discovered during a routine inspection of new submissions to the VirusTotal website. Hommy belongs to the Makop ransomware family. It encrypts files, renames them, drops a ransom note ("+README-WARNING+.txt"), and changes the desktop wallpaper. On our te