Upon inspection of the "Specification For The Item Requested" email, we determined that it is spam. This letter is presented as a quote request for specified items. The phishing mail targets the recipient's company data. However, the goal of this campaign may be to entangle victims in a complex s
Upon inspecting transiouratwat[.]com, we concluded that the purpose of this site is to trick users into consenting to receive notifications from it. Transiouratwat[.]com uses a technique known as clickbait to lure users into granting it that permission. Web pages like transiouratwat[.]com should b
Our research team discovered news-vukihu[.]com while investigating untrustworthy sites. After our inspection, we determined that it is a rogue webpage that promotes browser notification spam and redirects users to other (likely dubious/malicious) pages. Most visitors to news-vukihu[.]com and simi
While examining search-fine.com, we noticed that this is a fake search engine because it does not provide its search results. It is common for search engines like search-fine.com to be promoted via extensions known as browser hijackers. These extensions operate by altering the settings of web brow
Waqa is ransomware from the Djvu family that encrypts files and appends its extension (".waqa") to filenames. Also, Waqa drops a ransom note (a text file named "_readme.txt"). It is common for ransomware variants from the Djvu family to be delivered alongside information stealers like RedLine and
While investigating a Torrenting site that uses rogue advertising networks, we were redirected to a deceptive webpage endorsing an installation setup containing the Mixability PUA (Potentially Unwanted Application). Typically, apps within this category have undesirable or harmful capabilities. It
Search-boss.com is a fake search engine, and like most – it cannot generate search results. Browser-hijacking software endorses sites like search-boss.com via redirects. It is pertinent to mention that users who find themselves forced to visit search-boss.com may also experience redirects to anoth
Exploreahoy.com is the address of a fraudulent search engine. Websites of this kind typically cannot provide search results, so they redirect to genuine Internet search engines. These fake sites are commonly promoted by browser hijackers. It is noteworthy that users who experience redirects to ex
Our researchers discovered the DrawPad Graphic Design PUA (Potentially Unwanted Application) in an installer promoted by a deceptive webpage, which we found while investigating a Torrenting website that uses rogue advertising networks. Unwanted apps typically have harmful capabilities. Additional
After inspecting "$PARAM Claim Live", as promoted on signin-param[.]net, we determined that it is a scam. It impersonates the Param platform (paramgaming.com). The scheme lures users into exposing their digital wallets to a cryptocurrency wallet through a fake event in which $PARAM tokens can be c