The “Capital One – Unlock Your Account Access” email is part of a phishing campaign that targets Capital One customers. The email tries to steal users’ Capital One online bank login credentials by trying to trick them into typing them on a phishing site. The email is disguised as a notification from Capital One, informing users about an issue with a…
The “Mailbox Storage Notification” email is a phishing attempt that intends to steal users’ email login credentials. The email falsely informs recipients that their mailbox storage is approaching its limit, as 85% of its capacity has been filled. Recipients are warned that if they do not free up storage, they may become unable to send or receive new emails. The email…
The “Unsuccessful Mail Delivery Report” email is part of a phishing campaign that tries to steal users’ email login credentials. The email is disguised as a notification, supposedly informing users about some of their emails not being delivered due to low bandwidth. The email suggests that users release the emails by clicking on the provided button. However, users who interact…
Govcrypt ransomware is a file-encrypting malware based on the Chaos ransomware. The ransomware targets personal files and makes them unopenable by encrypting them. The ransomware can be identified by the .govcrypt extension added to encrypted files. Files with that extension will be unopenable unless you first put them through a decryptor. However, acquiring the decryptor will not be easy, as…
LegionRoot ransomware is file file-encrypting malware that will take files hostage by encrypting them. It is a very dangerous type of malware because once files are encrypted, it will not necessarily be possible to recover them. Encrypted files will have a random 10-character string attached to them, allowing you to quickly identify which files have been affected. Unfortunately, all personal…
Bbq ransomware is file-encrypting malware from the Makop ransomware family. It’s a dangerous infection that takes files hostage by encrypting them and demands a payment for their recovery. This ransomware can be identified by the .[dashboard487@onionmail.org].bbq46 extension added to encrypted files. Files with that extension will not be openable unless they’re first put through a decryptor, which only the malicious…
The “Account Verification Alert” email is part of a phishing campaign that aims to steal users’ email login credentials. The email claims that users need to verify their email accounts to avoid “obstruction of service or account deletion”. A deadline of 3 days is given to complete the verification process. If users interact with the email and try to “verify”…
The “Claim Fomo” scam refers to a fake fomo website that tries to trick users into connecting their crypto wallets. fomo is a social trading platform that allows users to see trading profiles of the people they follow and keep track of what other users buy/sell. Malicious actors have created a nearly identical website (claim-fomo.family) that claims users can participate…
Se7en ransomware is malware that encrypts files. It uses military-grade encryption to essentially lock files and prevent users from being able to open them. Se7en ransomware adds the .se7en extension to encrypted file names so users will immediately know which files have been affected. Unless victims get their hands on a decryptor, they may not necessarily be able to recover their…
PLU ransomware is a malicious malware infection that encrypts files. The infection uses complex encryption algorithms to encrypt files and makes them unopenable unless a decryptor is first used. This ransomware can be identified by the extension that ends in .plu that gets added to all encrypted files. The malicious actors operating this ransomware demand a payment for the decryptor,…