Malware

Remove “Classified Documents” phishing email

The “Classified Documents” email is part of a phishing campaign that intends to trick users into revealing their email account passwords. The email falsely claims that the recipient has two new classified documents available and that they can be viewed by clicking on the provided link. Clicking on the link will take users to a phishing site that asks users to…

Remove “Capital One – Do you recognize this purchase” email

The “Capital One – Do you recognize this purchase” email is part of a phishing campaign that targets users’ Capital One login credentials. The phishing email claims that there was an unrecognized purchase from the recipient’s account. It’s disguised as a security notification and asks recipients to either confirm the purchase was made by them or to cancel the transaction…

Remove “Sign-in Attempt Was Blocked” email

The “Sign-in Attempt Was Blocked” email is a phishing email that aims to steal users’ email login credentials. The email falsely claims that someone tried to use the recipient’s password to sign in to their account but the attempt was blocked. The email recommends that the recipient check the account’s activity to see what happened. To do that, it provides a…

Remove “FedEx Delivery Address Confirmation” email

The “FedEx Delivery Address Confirmation” email is part of a phishing campaign disguised as a FedEx delivery notification. The phishing email targets users’ email passwords by asking users to type them to confirm the delivery of their packages. However, this is a fake package notification, and interacting with it by typing your password would lead to your account being hijacked by…

Remove “Capital One – Unusual Spending Activities Detected” email

The “Capital One – Unusual Spending Activities Detected” email is part of a phishing campaign that targets Capital One Business login credentials. The phishing email informs recipients that unusual spending activity has been detected on the account and that a message from Capital One’s Fraud Monitor Department needs to be reviewed to avoid account restrictions. The email has a button…

Remove “Capital One – Transfer Schedule” email

The “Capital One – Transfer Schedule” email is part of a phishing campaign that targets users’ Capital One login credentials. The email is disguised as a notification about an upcoming transfer of $6,920. The email has a “View transfer activity” button, which would lead users to a phishing site. Users who type in their Capital One login credentials may suffer…

Remove “Chase Account Temporarily Restricted” email

The “Chase Account Temporarily Restricted” email is part of a phishing campaign that targets users’ Chase login credentials. The email is made to look like a security alert from Chase about unusual activity on the account. Supposedly, the recipient’s account has been restricted because of a security breach. To regain access to the account, users are requested to click the…

Remove “Secure Your Trust Wallet Account” email

The “Secure Your Trust Wallet Account” email is part of a phishing campaign that targets Trust crypto wallet credentials. The email falsely claims that Trust has supposedly detected an action that requires immediate verification to secure the account. If you click on the button provided in the email, you will be taken to a phishing site that requests your recovery phrase.…

Remove “American Express – Unrecognized Transaction” email

The “American Express – Unrecognized Transaction” email is part of a phishing campaign that falsely explains users need to verify a recent transaction made from their American Express account. The email asks that recipients use the provided button to log in to their accounts. However, because this is a phishing email, the button will lead to a fake American Express site.…

Remove Sage ransomware

Sage ransomware is file-encrypting malware that targets personal files. The malware is part of the Djvu/STOP ransomware family and can be identified by the .sage extension added to encrypted files. Unfortunately, you cannot open any files with this extension unless you first use a decryptor on them, which only the malware operators currently have. Only users who have backups of…