The “We Hacked Your System” email falls into the sextortion scam category. The email claims that the recipient’s computer was infected with a virus when they visited a pornography website. The supposed malware gave its operators full access to the infected computer, which allowed them to spy on the recipient. The malicious actors behind this email claim to have made a…
DarkMystic (BlackBit) ransomware is file-encrypting malware from the BlackBit malware family. It’s a very dangerous infection that takes files hostage by encrypting them and demands payment for their recovery. The ransomware can be identified by the .darkmystic extension it adds to encrypted files. You will not be able to open these files unless you first use a decryptor program on them.…
The “Standard Bank – VAT Increase” email is part of a phishing campaign that aims to steal users’ online bank login credentials. It’s a fairly generic phishing campaign that should be immediately recognizable by many users. The email claims that South Africa’s finance minister has announced that VAT rates will increase from 15% to 15.5% from 1 May 2025. The email…
Craxsrat ransomware is malware that encrypts files. It’s a very serious malware infection that essentially takes personal files hostage. It targets all important files (e.g. photos, documents, etc.) and demands users pay for a decryptor to get them back. The ransomware can be identified by the .craxsrat extension added to encrypted files. Dealing with ransomware is tricky as even paying the…
The “IMAP/POP3 Mail Delivery Incomplete” email is a phishing attempt that tries to trick you into revealing your email login credentials. The email claims that 5 emails have been undelivered to your inbox because of server issues. The email offers you two choices, to delete or receive the 5 undelivered emails. Whatever you click on, you will be redirected to…
euchakedne.com is a scam website that tries to trick users into allowing desktop ads. When you get redirected to the site, you will immediately get a browser alert saying “euchakedne.com wants to show notifications”. The site is using a legitimate feature, which is why you’ll start getting ads on your desktop if you click “Allow”. Not only will these ads…
Nanocrypt ransomware is file-encrypting malware. It’s a type of infection that takes users’ personal files hostage and demands payment for their recovery. When ransomware encrypts files, it adds an extension, which in this case is .ncrypt. Unfortunately, encrypted files will be unopenable unless they are first decrypted using a special decryptor. The only ones who have the decryptor are the…
RestoreBackup ransomware is file-encrypting malware. It’s a very serious infection that essentially takes files hostage and demands payment for their recovery. If your computer is infected and your files are encrypted, the files will have an .{random string of characters}.restorebackup extension added to them. Unfortunately, unless you use a specific decryptor on them, you will not be able to open…
The “Email Credentials Protection” email will try to phish your email account login credentials. The email falsely claims that your login credentials are about to expire, but you can keep them if you click on the provided button. However, if you were to engage with the email, you would be redirected to a phishing site that asks you to log…
The “Sign-in From Unauthorized Geolocation” email is part of a phishing campaign that aims to steal your email login credentials. The email falsely claims that someone tried to log in to your email account from an unauthorized geolocation. The email asks that you reset your password if you do not recognize the login attempt. However, if you were to click…