GURAM ransomware is a file-encrypting type of infection that essentially takes files hostage. The ransomware targets all personal files, encrypts them, and demands payment for their recovery. The ransomware can be identified by the extension it adds to encrypted files. Specifically, it adds a .{victims’ IDs}.GURAM to file names. Files that have this extension will not be openable unless you…
“Attempt To Log Into Your Gmail Account” pop-up scam refers to a fake pop-up alert, falsely claiming that someone tried to log in to your Gmail account. If you engage with the pop-up, you will get an additional pop-up claiming someone has hacked your Gmail account. The fake pop-ups are trying to phish users’ personal information or to get them…
EasyPDFCombine is advertised as a useful extension but it’s classified as a browser hijacker. It’s supposed to be a tool that makes converting files easier but it disrupts the browsing experience by forcing users to use a dubious search engine (hp.myway.com) that inserts sponsored search results among legitimate ones in order to redirect users to sponsored websites. EasyPDFCombine is not a…
PlainGnome Android malware is a stealer trojan that targets Android devices. The trojan is believed to be operated by Gamaredon, a threat actor affiliated with the Federal Security Service of the Russian Federation (FSB). The malware appears to target Russian-speaking users in former USSR states, such as Uzbekistan, Kazakhstan, and Kyrgyzstan. The malware intends to steal information like call logs,…
The “Removal Of Dormant/Inactive Accounts” email is part of a phishing campaign targeting users’ email account credentials. The email falsely informs the recipient that they must confirm that their account is still active by clicking the provided button. Otherwise, the email account will supposedly be deleted if it’s not confirmed. However, if users engage with the email, they will get…
The “Some-one Try To Login Into Your Mailbox Address” email is part of a phishing campaign that aims to steal users’ email login credentials. The email claims that someone tried to log into the recipient’s email account, and if the recipient wants to continue using the account, they need to verify their account by clicking on the provided link. If…
“Brad Garlinghouse Crypto Giveaway” is a scam that claims participants can get double any cryptocurrency they send to the provided wallet addresses. This is a fairly typical crypto giveaway scam in the sense that it claims a high-profile individual will double any amount of cryptocurrency sent to them. In this case, the supposed organizer is Brad Garlinghouse, CEO of Ripple Labs,…
streamcurrentoverlythe-file.top is a very generic website that misuses a legitimate browser feature to spam users’ screens with ads. If you get redirected to it, you will immediately get a browser alert saying “streamcurrentoverlythe-file.top wants to show notifications”. This is a legitimate feature and sites can request permission to show users notifications that appear on the desktop. Legitimate sites show useful…