Our team has reviewed the email and determined that it is a phishing attempt disguised as a notification from Fidelity Investments about new account statements and disclosures. Its goal is to trick recipients into visiting a fake website and entering their personal information. This email should b
Our examination of customsearch.quickshoppers.co has revealed that it is an unreliable search engine promoted through malicious extensions. These extensions promote customsearch.quickshoppers.co by hijacking web browsers. If customsearch.quickshoppers.co appears in a browser, it is important to re
Our inspection of the "Update To Your Account Was Requested" email revealed that it is spam. This message requires the recipient to verify whether they have requested an email account update. It must be stressed that this deceptive message is not associated with any genuine entities. This phishing
After reviewing this "Email Security Protocol Update" message, we determined that it is spam. It is a fake alert regarding an employee email authentication protocol upgrade; failure to comply with which may result in account suspension. The goal of this spam campaign is to deceive recipients into
We have examined rengine[.]click and found that it displays deceptive messages to trick visitors into agreeing to get its notifications. If this permission is given, rengine[.]click can bombard users with misleading notifications that can lead them to potentially malicious websites. Once r
We have reviewed the email and found that it is a fake notification regarding a "blocked account". Its purpose is to lure recipients into opening a deceptive web page and entering personal information. Emails like this one are classified as phishing, and recipients should ignore them. This
BOFAMET is a data stealer written in the Golang programming language and designed to extract information from targeted systems. The malware is capable of stealing various files, system information, data from browsers and other apps, and more. Victims should remove BOFAMET from infected devices as
JustIce is ransomware designed to prevent victims from accessing files through encryption. Additionally, the malware appends its extension to files (".JustIce"), changes the desktop wallpaper, and provides a ransom note ("README.txt"). An example of how files encrypted by JustIce are renamed: "1.
Xentari is a ransomware written in the Python programming language. It is designed to encrypt data and demand payment for the decryption. After we executed a sample of Xentari on our test machine, it encrypted files and created a ransom note. Files encrypted by this malware have the ".xentari" ex
Xefkqo[.]info is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. Upon examination, we determined that this page endorses browser notification spam and redirects users to other (likely untrustworthy and/or malicious) websites. Most visitors to xefkqo[