We have examined the email and found that it is a scam disguised as a notification from the Afrihost Customer Service Team. It is designed to lure recipients into opening a fake web page and disclosing personal information. Such emails are called phishing emails. They should be ignored and deleted
We have examined the email and concluded that it is a fake letter from a company (supposedly "SOLVAY SA") regarding an urgent supply inquiry. Scammers use such emails to steal personal information and (or) money from unsuspecting recipients. Thus, if received, they should be ignored and deleted.
Our research team discovered the QQ ransomware while inspecting new file submissions to the VirusTotal site. Malicious programs within this category encrypt data and demand ransoms for its decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and append
We have examined the site and concluded that it hosts a pop-up scam. This scam involves a fake McAfee warning regarding computer security. Typically, scammers behind such schemes aim to collect illegitimate commissions or steal personal information or money. Thus, it is highly advisable to ignore
While investigating deceptive sites, our research team found the "DeepSeek Crypto Giveaway" scam. This fake giveaway promises twice the return on Bitcoin, Ethereum, and Solana cryptocurrency or DeepSeek tokens contributed. Instead of receiving any amount, victims lose all that they transfer to the
DeepSeek For YouTube is promoted as a tool that quickly provides concise summaries of YouTube videos, allowing users to grasp the content in seconds. However, our analysis has shown that DeepSeek For YouTube is a browser extension that can show unwanted advertisements. Thus, we classified it as ad
Our analysis of BlackHeart has shown that this is ransomware belonging to the MedusaLocker family. Upon execution, BlackHeart encrypts data and appends the ".blackheart138" extension to files (e.g., renames "1.jpg" to "1.jpg.blackheart138", "2.png" to "2.png.blackheart138", etc.). It also drops a
We have inspected basicnetworkchain[.]com and learned that hosts the "You've visited illegal infected website" scam. Also, the page requests permission to show notifications and, if allowed, it bombards users with more deceptive content. Thus, it is highly dvisable to avoid visiting basicnetworkch
Parthonylogles[.]com is a rogue webpage discovered by our researchers during a routine inspection of dubious sites. Upon examination, we determined that this page endorses browser notification spam and redirects visitors to other (likely suspicious/dangerous) websites. Most users enter parthonylo
Netlify.app is a domain owned by Netlify - a legitimate Web hosting service that has been observed being abused by cyber criminals to host deceptive and possibly malicious content. Our researchers discovered one such page – glistening-haupia-e37bbf.netlify[.]app – while browsing suspicious website