While inspecting rogue websites, our research team found a webpage promoting the "Windows Firewall Protection Alert" technical support scam. This scheme closely mimics Microsoft's official website and Windows Security – the front-end of Microsoft Defender. The fake interface performs a system sca
This is a fake letter from PayPal claiming that a certain amount of money will be deducted from the user's account. Scammers behind it attempt to trick recipients into calling the provided number. The PayPal company has nothing to do with this email. Thus, this letter should be ignored. Re
Popup Blocker Gold is marketed as a browser extension that blocks advertisements, but while testing it, we found that it actually generates advertisements, making it an advertising-supported application. It is worth noting that adware is often distributed/promoted using questionable methods. Thus,
We have determined that this letter is an investment scam email. The individuals behind this scam purport to be interested in investing in a business and request the recipient's assistance with receiving and securing funds. Such scam emails are frequently used to obtain money and (or) personal inf
Our researchers found the cvgdownthe[.]xyz rogue page during a routine inspection of suspicious websites. This site employs fake CAPTCHA verification to deceive visitors into enabling it to deliver spam browser notifications. Additionally, it can redirect users to different (likely unreliable/mali
While investigating dubious websites, our research team discovered the Shopping Pal browser extension. It promises easy access to exclusive deals straight from the Google search engine. However, our inspection of the Shopping Pal extension revealed that it is adware. Adware stands for adve
After inspecting the "Investment Into Building Homes For Orphans" email, we determined that it is spam. The letters belonging to this campaign use a scam model in which the recipients are promised exorbitant amounts of money. This spam mail aims to extract personally identifiable information and m
While examining malware samples submitted to VirusTotal, our team discovered a ransomware variant belonging to the Phobos family dubbed Unknown. This ransomware encrypts files and modifies their filenames, and provides two ransom notes (creates "info.hta" and "info.txt" files). Unknown ransomware
Creal is a stealer-type malware written in the Python programming language. Malicious programs within this classification are created for the purpose of stealing sensitive information. Creal targets log-in credentials, data related to messaging software, cryptocurrency wallets, and other vulnerabl
While examining pages that use rogue advertising networks, we discovered yournicejournal[.]com. This website uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, yournicejournal[.]com redirects to other websites. Thus, this page should not be trusted/visited.