Rea is ransomware that belongs to the Dharma family. Our malware analysts discovered Rea during an examination of samples submitted to VirusTotal. The main purpose of Rea is to encrypt files and demand ransom in return for their decryption. It displays a pop-up window and creates the "info.txt" fi
After reviewing this email, our team has concluded that it is a fraudulent email intended to deceive recipients into divulging sensitive information or making payments. The scam aims to make recipients believe that they have received a legitimate business proposal. Emails of this kind should be di
Our research team found the cfrsoft[.]com rogue site during a routine investigation of untrustworthy webpages. It is designed to push spam browser notifications and redirect visitors to other (likely untrustworthy/dangerous) websites. Users typically access pages like cfrsoft[.]com through redirec
Buyadvupforgroup[.]com is a rogue page that our researchers discovered while inspecting dubious websites. We found two appearance variants of this webpage. It operates by promoting spam browser notifications and redirecting users to different (likely unreliable/dangerous) sites. Most users access
Our inspection of the "Email Verification Alert" letter revealed that it is spam. The scam email states that due to declined upgrades, the recipient's mailbox cannot process incoming messages. This spam mail aims to trick users into visiting the promoted phishing website. The email with th
After inspecting the "Fill The Sars" email, we determined that it is spam. The letter instructs to fill out the attached form, which is actually a phishing file that targets recipients' email account log-in credentials. The spam email with the subject "PAYMENT NOTIFICATION FROM SARS" (may
After examining the "EMAIL ACCOUNT SHUTDOWN REQUEST" email, we determined that it is spam designed to operate as a phishing scam. This fake letter states that the recipient's mail account will be deactivated as per their request, but the process can be stopped if appropriate action is taken. The
Our research team discovered the newcaptchahere[.]top rogue page while investigating dubious websites. It is designed to promote browser notification spam and redirect users to other (likely unreliable/hazardous) sites. Most visitors to pages like newcaptchahere[.]top access them via redirects ca
Our inspection of the "Human Development Grant" email revealed that it is spam. This scam letter makes claims about the recipient having been chosen to receive a massive amount of money from the "2023 United Nations Reimbursement program". It must be emphasized that all these claims are false, an
Upon examining webuddingroup[.]com, we learned that this page is designed to trick users into subscribing to push notifications. Webuddingroup[.]com displays deceptive content and redirects visitors to other unreliable websites. It is uncommon for sites like webuddingroup[.]com to be visited on pu