We have examined protectusonline[.]xyz and learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. Protectusonline[.]xyz displays deceptive content (fake virus messages) to trick visitors into believing that their computers are infected and purchasing antivirus software. This
After inspecting this letter, we concluded that it is a scam email written by scammers who aim to lure recipients into providing sensitive information. It is disguised as a letter from an email service provider and contains a link to a phishing website. This scam email should be ignored. T
Mzqw is ransomware belonging to the Djvu family. Our malware researchers discovered Mzqw while analyzing samples submitted to VirusTotal. Ransomware is a type of malware that encrypts files. In addition to encrypting data, Mzqw appends ".mzqw" extension to filenames and drops a ransom note (the "_
While inspecting deceptive sites, our researchers discovered the Today Weather browser extension. It is presented as a quick access tool to weather forecasts and related content. After examining this extension, we determined that Today Weather operates as advertising-supported software (adware).
While checking out questionable websites, our researchers discovered the fasterpcnetwork[.]com rogue page. It runs scams, promotes browser notification spam, and redirects visitors to other (likely untrustworthy/malicious) sites. Most users access such webpages via redirects caused by sites that u
Our research team found the GlossGlamor app during a routine inspection of new submissions to VirusTotal. Our analysis of this piece of software revealed that GlossGlamor is adware belonging to the AdLoad malware family. It operates by running intrusive ad campaigns (displaying adverts) and may
The "Your Account Is Set To Close" email is spam, presented as a notification from Microsoft. This fake letter claims that the recipient's email account will be closed unless action is taken. Our inspection of this email revealed that it operates as a phishing scam targeting log-in credentials.
Our research team discovered the BoY ransomware-type program while reviewing new submissions to VirusTotal. This malicious program is part of the Xorist ransomware family. Malware within this classification operates by encrypting data and demanding payment for decryption. On our test machine, BoY
Our team has tested the LifeProxy application and found that it operates as adware. While installed, LifeProxy displays unwanted advertisements. Also, this app can read sensitive information. Most users download and install adware unknowingly since it is often promoted and distributed using shad
While analyzing q3rrassa[.]click, we learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. This page uses a scare tactic to trick visitors into believing that their computers are infected and purchasing a legitimate antivirus solution. Also, q3rrassa[.]click asks for permis