Sage ransomware is file-encrypting malware that targets personal files. The malware is part of the Djvu/STOP ransomware family and can be identified by the .sage extension added to encrypted files. Unfortunately, you cannot open any files with this extension unless you first use a decryptor on them, which only the malware operators currently have. Only users who have backups of…
The “TNT Express” email is part of a phishing campaign that aims to steal users’ email login credentials. The email is disguised to look like a notification email from international shipping company TNT. The recipient supposedly has a package scheduled for delivery. The email has a malicious attachment, disguised as documentation related to the package. If users open the attachment, they…
The “Zoho – Review Your Outgoing Emails” email falls into the phishing scam category. The email aims to steal users’ Zoho login credentials by trying to trick users into trying to log in on a phishing site. The email falsely claims that recipients need to review their outgoing emails through Zoho’s new system. Some emails have supposedly been rejected and not…
The “Update Server Terms Now” email is part of a phishing campaign that aims to steal users’ email login credentials. The email claims that the recipient’s email account will be terminated on a specific date unless users click on the provided button to indicate that they are still using the email account. Users who interact with the email will be…
The “Email Verification Campaign” email is part of a phishing campaign that intends to steal users’ email login credentials. The email is disguised as a security alert from the recipient’s email provider and claims that they need to verify that the email account is still in use. Recipients are asked to click the provided “Verify” button to verify their accounts.…
Acrid is a stealer trojan that aims to steal users’ personal information. It’s a very serious infection that can sneak in unnoticed and may steal information from browsers, including passwords and credit card information. It also targets cryptocurrency wallets. Overall, infection can have very serious consequences, as malicious actors could not only access users’ accounts but also steal money.
…
The “Revalidate Email Or Lose Account” email is a phishing attempt that aims to steal users’ Microsoft login credentials. The email is a farily typical phishing attempt. It claims that you need to revalidate your email. If you do not, you will supposedly lose your Microsoft account permanently. The email provides a button, which will supposedly allow you to validate…
The “Review Important Messages” email is part of a phishing campaign that targets users’ email account login credentials. The email claims that users have important unread emails, which can be viewed by clicking on the “Review Messages” button. If users click on the button, they will be redirected to a phishing website that asks users to log in to their…
The “Capital One – Email Address Change” email is part of a phishing campaign that intends to gain access to users’ Capital One accounts. The email claims that the email address associated with your Capital One account has been changed, supposedly per your request. The email informs you that if you did not initiate the change, you need to secure…
“Your System Was Breached By Remote Desktop Protocol” scam email falls into the sextortion email category. The email falsy claims that users’ computers have been infected with malware that gave its operator access to the devices. Email senders claim to have made a video of the recipients watching pornography and threaten to send the video to all contacts unless users…