The “Account Password Is Old” email is part of a phishing campaign that targets users’ email login credentials. The email is disguised as a notification from the email service provider, supposedly informing users that their passwords are about to expire. The email asks that users use the provided link to either update or keep their current password before it expires.…
squetofer.com is a misleading site and aims to deceive users into enabling advertisements on their desktops. When you visit the site, you’ll see a browser alert saying “squetofer.com wants to show notifications”. This site exploits a legitimate browsing feature that allows notifications to be displayed on users’ desktops. If you click “Allow”, you grant squetofer.com permission to show notifications on…
“Pi Network Airdrop” crypto scam refers to fake websites that imitate the legitimate Pi Network Airdrop (minepi.com) website to phish users’ cryptocurrency wallet login credentials. The scam is hosted on sites like 2pidays.net and 2pidays.us, and these sites are designed to look like the legitimate minepi.com site. The scam sites promote fake airdrops. If users interact with the scam sites,…
Win.MxResIcn.Heur.Gen is a detection name used by the MaxSecure anti-virus program. There has recently been an influx of posts on various forums about MaxSecure detecting legitimate programs (e.g., Brave browser) as Win.MxResIcn.Heur.Gen. The detection is a heuristic, meaning MaxSecure considers the detected item to be behaving in a way that resembles malware. Heuristic detections do not necessarily mean malware. Users seem to…
Trojan:Win32/Znyonm is a detection name used to identify backdoor malware like Pikabot, Remcos RAT, and GuLoader. Backdoor malware is a type of infection that stays dormant on a device until it’s commanded to download another malicious payload. If no security software is installed on a device, these trojans can stay unnoticed as they do not exhibit any obvious signs of…
The “Urgent Security Alert” email is part of a phishing campaign that aims to steal users’ email login credentials. The email is disguised as a notification from the email service provider, supposedly informing users that their passwords will expire and their accounts will be restricted and even permanently deactivated. The email asks that users take immediate steps to maintain the…
The “Human Resource Internal Memo” email is part of a phishing campaign that tries to steal users’ email login credentials. The email is disguised as a notification email from the recipients’ workplace HR Department, and informs them about the 2025 Annual Salary compensation Report. Supposedly, recipients can check the report by clicking on the provided link. If users were to click…
Mzre ransomware is a file-encrypting malware that takes files hostage and demands a payment for a decryptor. It comes from the Djvu/STOP malware family, and can be differentiated from its other versions by the .mzre extension added to encrypted files. The ransomware targets personal files, so you can expect all your photos, documents, etc., to have the .mzre extension added…