rchesasider[.]top is a rogue website designed to present visitors with dubious content and/or redirect them to other untrusted or even malicious pages. The internet is full of similar sites, including pectionexa.top, mylot.com, undertain.work and finvesterns.work to list just some examples. Users
pectionexa[.]top is one of many websites that users often visit unintentionally. These web pages are promoted by various potentially unwanted applications (PUAs). Note that PUAs also serve ads and gather data. They are classified as PUAs because, in most cases, users download and install them inad
FLAMINGO is a ransomware-type program. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. When FLAMINGO encrypts, all affected files are renamed following this pattern: "[developer_email][ID=victim_ID]original_filename.FLAMINGO". For exa
EQSearch promotes searcheq.com, the address of a fake search engine. Like most browser hijackers, it achieves this by changing certain browser settings. Commonly, these apps monitor and record details relating to users' browsing habits. Typically, people download and install browser hijackers ina
Firmadatalari is a malicious program from the Scarab ransomware family. Like most ransomware-type programs, it encrypts and renames files, and creates a ransom message. Firmadatalari renames files by replacing their filenames with a string of ransom characters and appending the ".firmadatalari" ex
Spark Search is a browser hijacker which promotes tailsearch.com, a fake search engine. It can also read browsing history. Typically, users download and install browser hijackers inadvertently and, therefore, they are classified as potentially unwanted applications (PUAs). Typical browser hi
Keysite is rogue software categorized as a browser hijacker. Following successful infiltration, Keysite begins promoting keysearchs.com (a fake search engine). Browser hijackers typically promote bogus search engines by making modifications to browser settings, however, Keysite operates in this ma
securitymobile[.]club is one of many deceptive websites that display fake virus alerts, errors, and other notifications. The main purpose of these web pages is to trick visitors into downloading and installing potentially unwanted applications (PUAs) that will supposedly solve the detected probl
"Email Quarantine" refers to a phishing spam email campaign. The term "spam campaign" is used to define a mass-scale operation, during which thousands of deceptive emails are sent. The messages distributed through the "Email Quarantine" campaign claim that users have several incoming emails, which
Scammers behind lottery scams send notifications stating that the recipient has won some money or another prize. Typically, they send such notifications via email, text messages, and social media. They exploit names of existing lottery companies/organizations to deceive users into believing that