The “Human Resource Internal Memo” email is part of a phishing campaign that tries to steal users’ email login credentials. The email is disguised as a notification email from the recipients’ workplace HR Department, and informs them about the 2025 Annual Salary compensation Report. Supposedly, recipients can check the report by clicking on the provided link. If users were to click…
Mzre ransomware is a file-encrypting malware that takes files hostage and demands a payment for a decryptor. It comes from the Djvu/STOP malware family, and can be differentiated from its other versions by the .mzre extension added to encrypted files. The ransomware targets personal files, so you can expect all your photos, documents, etc., to have the .mzre extension added…
The “Mailbox Usage Warning” email is part of a phishing campaign that targets users’ email login credentials. The email is disguised as a notification from the email service provider, informing users that their inboxes are almost full. The email does not contain a lot of information, but it implies that recipients need to free up space to continue receiving and sending…
Cdaz ransomware, or .cdaz virus, is a file-encrypting malware from the Djvu/STOP ransomware family. It’s a dangerous infection that takes all personal files on the infected device hostage and demands payment for their recovery. The ransomware can be identified by the .cdaz extension added to encrypted files. You will not be able to open files with that extension unless you…
The “We Have Your Search Requests And Webcam Footage” email is part of a sextortion scam email campaign that tries to blackmail recipients into paying $1,350. The email claims that recipients have been spied on via malware on their computers, which allowed the sender to steal search queries and make videos of recipients watching pornography. These scammers threaten to send…
Jlaz ransomware (or .jlaz virus) is file-encrypting malware from the Djvu/STOP ransomware family. Because it targets and encrypts personal files, it’s considered to be a very dangerous infection. It can be identified by the .jlaz extension added to all encrypted files. Unfortunately, you will not be able to open files with that extension unless you first use a decryptor on…
The “Data From All Your Devices Is Copied To My Servers” email is part of a sextortion email spam campaign that tries to blackmail recipients into paying $1,300. The email claims that the recipient’s computer has been infected with malware (specifically, a trojan horse), which allows its operator to monitor the infected computer. This has supposedly allowed the trojan operator to…
Yandex ransomware, also called .yandex virus, is a file-encrypting malware. It’s a type of malicious infection that takes files hostage by encrypting them. If your computer is infected with this ransomware and your files have been encrypted, they will have the .yandex extension added to them. You will not be able to open files with this extension unless you first…
The “Yamaha Baby Grand Piano” email is part of a spam campaign that intends to trick users into sending money to scammers. The email is quite short and to the point; it explains that the sender is looking to give away their late husband’s Yamaha Baby Grand piano and asks whether the email recipient would be interested. If users engage with…
The “Cloud – Your Payment Method Has Expired” email is part of a phishing campaign that targets users’ financial data, specifically their credit card information. The email claims that the recipient’s payment method has expired and needs to be updated in order to reenable cloud services. According to the email, the recipient’s account has been blocked, and all data stored in…