We have inspected this email and found that it is a phishing scam. While it poses as a security alert from Bank of America, the link it contains leads to a fraudulent page intended to steal email account credentials rather than banking details. Recipients should ignore and delete the email to avoi
During our examination of claim.avantishub[.]org, we found that this page promotes a fake "$AVNT Token Airdrop 2" campaign. The site is designed to deceive visitors into connecting their cryptocurrency wallets, which triggers a drainer that transfers their funds to the attackers. IMPORTANT N
We have examined this email and concluded that it is a phishing message disguised as a payment approval notification from American Express. The email tries to push recipients toward a fake American Express login page where the entered credentials are harvested by scammers. This email should be ign
Our analysis has revealed that this is a fake email posing as an important notice from American Express, a legitimate American bank holding company. The purpose of this email is to lure recipients into a fake website designed to harvest personal information. Emails like this are classified as phis
We have examined this email and concluded that it is a scam. The message is disguised as a billing alert from AT&T, falsely claiming that the recipient's payment could not be processed and urging them to update their payment information. It is a phishing email designed to steal personal and fi
NexusRAT is a remote access trojan (RAT) that uses overlay attacks and keylogging to steal banking credentials. Its behavior is commonly associated with banking Trojans. Typically, cybercriminals use malicious tools like NexusRAT to harvest data that can be misused for account hijacking and financ
NBLock Black is ransomware that our team has discovered during an examination of malware samples uploaded to VirusTotal. Our analysis shows that NBLock Black encrypts files and modifies filenames. It changes filenames to a random string and appends a random extension. For example, it tenames "1.jp
Our investigation of gitlawb[.]info found that this page imitates the legitimate gitlawb platform (gitlawb.com) and runs a fake voting rewards campaign. The site claims that participants who vote on a rewards distribution date will receive a 1.25x boost to their "claiming power." In reality, it is
We have analysed the site (claim-kaio[.]xyz) and concluded that it poses as the original KAIO website (kaio.xyz) and promotes a fake cryptocurrency airdrop. Its purpose is to deceive visitors into taking actions leading to the theft of their cryptocurrency holdings. This scam page should be ignore
While investigating suspicious websites, our researchers came across pendle-governance[.]app, a page impersonating the Pendle Finance platform. The site promotes a fake community voting event, claiming users who participate will receive a bonus $PENDLE token allocation. This is a fraudulent page d