kurepos.co.in is a deceptive site with no content on it. Its sole purpose is to trick users into allowing desktop ads. To do this, it misuses a legitimate browser feature that allows sites to request permission from users to show notifications. These notifications show up on the desktop and work as a way for users to keep up with the…
The “Hinkal” crypto scam refers to scams that imitate Hinkal, a legitimate crypto platform. Malicious actors have created an imitation site app-hinkal.cyou, that asks users to connect to their digital wallets. The legitimate Hinkal website is hinkal.pro. If users connect their digital wallets on the scam site, they will initiate a crypto drainer that will make unauthorized transfers and eventually drain…
flowworksfivesphere.com is a deceptive website that tries to trick users into agreeing to see desktop ads. The site is disguised as a download site, but its sole purpose is to trick users into allowing ads. It misuses a legitimate browser feature that allows sites to show notifications on users’ desktops if they are given permission. While legitimate sites may show…
Datarip ransomware is file-encrypting malware from the MedusaLocker family. This type of malware takes files hostage by encrypting them and demands payment for their recovery. Files encrypted by Datarip ransomware can be identified by the .datarip extension added to encrypted files. Unfortunately, files having that extension indicates that they have been encrypted and cannot be opened. Such files need to be…
croursem.co.in is a deceptive website that misuses a legitimate browser feature to spam users’ desktops with ads. When you get redirected to the site, you will immediately see a browser alert saying “croursem.co.in wants to show notifications”, and if you click “Allow”, you will authorize the site to show ads on your desktop. Fortunately, you can easily revoke this permission…
ARROW ransomware will take your files hostage as it’s a file-encrypting malware. You can recognize when you’re dealing with this particular ransomware when encrypted files have the .ARROW extension added to them. Unfortunately, you will not be able to open files that have this extension unless you first use a decryptor on them. However, acquiring the decryptor will not be…
The “Account Review Report” email falls into the phishing category as it tries to phish users’ email login credentials. The email is disguised as a notification from the email service provider about recipients needing to take action to prevent restricted access to their accounts. Supposedly, users’ passwords are about to expire, and they need to choose either to keep the same…
The “HEX Airdrop” scam refers to an attempt to steal users’ cryptocurrencies by imitating the legitimate Hex website. Hex is a legitimate blockchain-based certificate of deposit (CD) system, with hex.com as the official website. To take advantage of Hex’s popularity, malicious actors have created an imitation site (events-hex.net) that tries to trick users into connecting their digital wallets and initiating a…