Our researchers discovered the "MetaMask Identity Verification" phishing scam while browsing suspicious websites. It is presented as a MetaMask page for verifying user identity in order to set up interaction with digital currencies. The goal of this scam is to deceive victims into disclosing priva
Our researchers discovered this fake "Niche Baby ($BABY)" airdrop during a routine investigation. This scam functions as a cryptocurrency drainer – by siphoning funds from exposed digital wallets. It must be emphasized that this deceptive website is not associated with the real Niche Baby. I
We have checked the email and found that it is a phishing attempt. It is disguised as an estate recovery notice to trick recipients into replying. It seems that scammers behind it aim to steal personal information and possibly money from unsuspecting recipients. This fraudulent message should be i
Our analysis reveals that join-tbysol[.]xyz is a fraudulent website that mimics the original Toby site (tobyrobot.com). The fake page lures unsuspecting visitors with a cryptocurrency giveaway. Victims of this scam may have their crypto holdings stolen. Thus, this fake site should be avoided.
Our team has inspected ShadowLock (which we found while inspecting samples on VirusTotal) and concluded that it is ransomware that blocks access to files by encrypting them. It also changes filenames (by appending the ".LOCKEDxX" extension) and provides a ransom note, which is a full-screen image.
Gocenumpy[.]com is a rogue page discovered by our researchers while browsing suspicious sites. Upon examination, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/harmful) websites. Most visitors access gocenumpy[.]com and analogous webpages
Upon inspecting news-huyago[.]com, we concluded that it is a deceptive page because it uses clickbait to obtain permission to show notifications. If visitors allow the site to do so, it can deliver unwanted notifications containing fake warnings, offers, or similar content. Users should not trust
We have discovered that sesifors[.]com relies on clickbait to trick visitors into allowing notifications. Once permitted, the site may send fake alerts, misleading offers, and other deceptive messages that direct users to potentially malicious websites. Overall, sesifors[.]com is not a trustworthy
We have inspected the website (usacoinsol[.]xyz) and concluded that it promotes a fake airdrop. These “airdrops” are typically used to deceive users into believing they will receive free cryptocurrency, while manipulating them into actions that benefit scammers. Falling for such scams can result i
While browsing suspicious websites, our researchers found this fake "Wojak" airdrop. Upon further inspection, we determined that this deceptive page operates as a cryptocurrency drainer. Essentially, this scam steals funds from compromised digital wallets. IMPORTANT NOTE: We do not review cr