While investigating this email, we found that it is a scam email written by scammers who aim to lure unsuspecting recipients into opening the attached file. Scammers disguised this email as a letter from a company called AMERICAN GLOBAL TRADE regarding a new purchase order. It is strongly recommen
We examined powersoftwarepc[.]com and learned that it is a deceptive page running the "McAfee - Your PC is infected with 5 viruses!" scam. Additionally, this website wants to show notifications. Our team discovered powersoftwarepc[.]com while analyzing shady web pages that use rogue advertising ne
RONALDIHNO ENCRYPTER is ransomware - a type of malware that uses cryptography to encrypt files (to make them inaccessible). Also, this particular ransomware appends the ".r7" extension to filenames, changes the desktop wallpaper, and creates the "READ_THIS.txt" (a ransom note). We discovered RONAL
While checking out suspicious websites, our researchers discovered the power-stability[.]com rogue page. It promotes deceptive material, pushes spam browser notifications, and redirects users elsewhere (likely untrustworthy/malicious sites). Most visitors to power-stability[.]com and similar webp
Webprotectionsurveys[.]live is a rogue site that our researchers found while inspecting dubious webpages. It operates by running scams, promoting spam browser notifications, and redirecting visitors to other (likely untrustworthy/harmful) websites. Users typically enter pages like webprotectionsu
While investigating this email, we found that it is a scam email. Scammers behind it aim to trick recipients into opening a phishing website and providing information on it. The email is disguised as an inquiry letter regarding some order. This email should be ignored, and its hyperlink should be
Text to Google Maps is described as a tool allowing users to send the selected text to Google Maps (search for selected location/address in Google Maps). However, while testing this browser extension, we found that unwanted advertisements appear while it is added to a browser. Thus, we classified
Tuow is a Djvu ransomware that encrypts files, appends its extension (".tuow") to filenames, and creates a text file ("_readme.txt") containing a ransom note. Victims cannot access/use encrypted files until they are decrypted. Our malware researchers discovered Tuow ransomware while inspecting mal
While inspecting questionable sites, we discovered the flymylife[.]info rogue webpage. It is designed to promote browser notification spam and cause redirects to other (likely untrustworthy/harmful) websites. Users typically access pages like flymylife[.]info through redirects caused by websites t
Rugby Start is a rogue browser extension that our research team found during a routine investigation of untrustworthy websites. This piece of software is promoted as a quick-access tool for Rugby results and related news. After analyzing Rugby Start, we determined that it operates as a browser hij