Buyadvupforgroup[.]com is a rogue page that our researchers discovered while inspecting dubious websites. We found two appearance variants of this webpage. It operates by promoting spam browser notifications and redirecting users to different (likely unreliable/dangerous) sites. Most users access
Our inspection of the "Email Verification Alert" letter revealed that it is spam. The scam email states that due to declined upgrades, the recipient's mailbox cannot process incoming messages. This spam mail aims to trick users into visiting the promoted phishing website. The email with th
After inspecting the "Fill The Sars" email, we determined that it is spam. The letter instructs to fill out the attached form, which is actually a phishing file that targets recipients' email account log-in credentials. The spam email with the subject "PAYMENT NOTIFICATION FROM SARS" (may
After examining the "EMAIL ACCOUNT SHUTDOWN REQUEST" email, we determined that it is spam designed to operate as a phishing scam. This fake letter states that the recipient's mail account will be deactivated as per their request, but the process can be stopped if appropriate action is taken. The
Our research team discovered the newcaptchahere[.]top rogue page while investigating dubious websites. It is designed to promote browser notification spam and redirect users to other (likely unreliable/hazardous) sites. Most visitors to pages like newcaptchahere[.]top access them via redirects ca
Our inspection of the "Human Development Grant" email revealed that it is spam. This scam letter makes claims about the recipient having been chosen to receive a massive amount of money from the "2023 United Nations Reimbursement program". It must be emphasized that all these claims are false, an
Upon examining webuddingroup[.]com, we learned that this page is designed to trick users into subscribing to push notifications. Webuddingroup[.]com displays deceptive content and redirects visitors to other unreliable websites. It is uncommon for sites like webuddingroup[.]com to be visited on pu
We discovered theoverheat[.]com rogue webpage while investigating suspicious websites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/dangerous) sites. Users typically access pages like theoverheat[.]com via redirects caused by websites using rog
While examining malware samples submitted to VirusTotal, our team discovered ransomware belonging to the MedusaLocker family dubbed Attackuk. The purpose of Attackuk is to encrypt data. Also, it provides a ransom note ("How_to_back_files.html") and appends its extension (".attackuk") to filenames.
Getoverenergy[.]com is a rogue webpage that we discovered during a routine inspection of untrustworthy sites. It operates by promoting browser notification spam and redirecting users to different (likely dubious/malicious) websites. Most visitors to getoverenergy[.]com and pages akin to it – acce