Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles , the days of robbing...

Top Articles

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net , and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms like Princess Games , GamesRockit and TikiArcade . The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims’ files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware’s ransom note, computer users have one week to pay the ransom amount before this amount is doubled. As the Cerber Ransomware encrypts the victim’s files, it creates TXT, HTML, and VBS files named ‘DECRYPT MY FILES’ with instructions on how to pay the Cerber Ransomware’s ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom notes, the...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor differences from previous versions of this threat. However,...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term ‘GoogleTM Custom Search,’ despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine’s claims. Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack the computer users’ Web...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn’t you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing ‘Advanced’ or ‘Custom,’ used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim’s computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware . The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim’s files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim’s files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. When the Zepto Ransomware is installed on the victim’s computer, it...

Posted on June 29, 2016 in Ransomware

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim’s files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim’s computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user’s files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from...

Posted on September 11, 2013 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Trojan.BAT.Qhost

Trojan.BAT.Qhost is a malicious program that may deteriorate the general performance of a computer system. Trojan.BAT.Qhost may make a compromised PC vulnerable to other malware attacks, putting a victim’s private information at risk of crimes such as Identity theft. Victims can remove Trojan.BAT.Qhost with anti-spyware or anti-virus software.

Posted on November 20, 2009 in Trojans

HackTool:Win32/Keygen

HackTool:Win32/Keygen is a malicious Windows platform tool. HackTool:Win32/Keygen is used to generate keys for illegitimately-obtained versions of different software products. HackTool:Win32/Keygen may also download harmful files and deteriorate the performance of a system. Use an effective malware removal tool to remove HackTool:Win32/Keygen from your system. HackTool:Win32/Keygen may be used primarily for malicious purposes. A system with HackTool:Win32/Keygen installed may be susceptible to being infiltrated by a remote user. HackTool:Win32/Keygen software could generate software keys for applications installed that may eventually hold the PC users responsible for illegal usage. It would be wise to eliminate HackTool:Win32/Keygen to avoid those circumstances.

Posted on September 30, 2010 in Trojans

From Doc to Pdf Toolbar

The From Doc to Pdf Toolbar is a creation of Mindspark Interactive Network Inc. and a Possibly Unwanted Program that computer users can download from its website, Fromdoctopdf.com. The From Doc to Pdf Toolbar may attract the attention of computer users that need to convert their files to .docs because it promises to convert PDF, DOC, TXT, RTF, XLS, PPT, BMP, JPG, TIFF and more to .doc as long as they are installed on a computer running Windows 7, 8, 10, Vista, and XP. However, the From Doc to Pdf Toolbar may replace your new tab page or homepage to MyWay.com. Although downloaded and installed by the computer owner, the offered functions of From Doc to Pdf Toolbar may be unwanted. If you installed the From Doc to Pdf Toolbar on your machine but is not satisfied with its adverse secondary effects, you should consider uninstalling From...

Posted on July 24, 2013 in Potentially Unwanted Programs

Mapsgalaxy Toolbar

The Mapsgalaxy Toolbar is a Potentially Unwanted Program (PUP) that may cause various unwanted actions on web browsers. You can find the official site of the Mapsgalaxy Toolbar on Free.MapsGalaxy.com/index.jhtml. It is offered to users free of charge and claims to deliver the best directions and mapping tools on the Web. Some users may think that the Mapsgalaxy Toolbar is the perfect travel companion and wish to install it on their laptop. The Mapsgalaxy Toolbar is available for Mozilla Firefox and Google Chrome as a CRX, XPI file, or .exe file. However, the Mapsgalaxy Toolbar is categorized as a PUP or Potentially Unwanted Program. Although the Mapsgalaxy Toolbar may have some legitimate uses, it may be associated with other search engines and potentially misleading advertisements. Inconvenient Alterations Linked to the Mapsgalaxy...

Posted on September 10, 2013 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

NavSmart

The NavSmart browser add-on is promoted via freeware bundles as a hybrid between the Yellow Pages and Google that can deliver relevant search results and smart suggestions. The NavSmart browser add-on claims to improve the users’ Internet experience by modifying their Web browser and users may find that their homepage and default search provider are changed to Navsmart.info. The NavSmart add-on may be compatible with most modern browsers, and it may run as a background system service. Web surfers may find the Navsmart.info page useful because it has links to many services, ranging from social media and email providers to online backup repositories and entertainment centers. Also, users have the option to choose links from curated categories and plan their Internet session in advance. You should note that advertisements support...

Posted on June 14, 2016 in Browser Hijackers

Cerber 4.0 Ransomware

The Cerber 4.0 Ransomware represents the next generation in development of the ‘.cerber’ line of encryption Trojans. The Cerber 4.0 Ransomware joins other threats like the ORX-Locker and the Stampado Ransomware , which are offered as Ransomware-as-a-Service package. The RaaS business was pioneered by Encryptor RaaS in early 2015 and the developers of Cerber want a share of the market for ransomware. It appears that the coders behind the Cerber 4.0 Ransomware decided to open their product to foreign programmers and benefit from the expanded distribution network. The Cerber 4.0 Ransomware is said to boast several significant improvements compared to the Cerber v3 . The Cerber v4 creates a unique file extension marker for every victim, and the Trojan is programmed to bypass all security mechanisms employed by modern...

Posted on October 13, 2016 in Ransomware

Decryptallfiles3@india.com

The ‘Decryptallfiles3@india.com’ Ransomware is named after the email address users are supposed to contact in case their data was encrypted. The ‘Decryptallfiles3@india.com’ Ransomware is an encryption Trojan that is actively dispersed among Windows OS users via spam emails. Fake invoices, payment notifications, and photos from Facebook are known to serves as droppers for the ‘Decryptallfiles3@india.com’ Ransomware. In many cases, users are lead to believe they need to enable macro and load the document correctly while random characters are scattered across a blank page. Security experts remind users to make sure macro is disabled in their office suite since it is easily abused by threat actors who deploy threats through a macro. The ‘Decryptallfiles3@india.com’ Ransomware is one of...

Posted on December 16, 2016 in Ransomware

More Articles

BrowserMe

BrowserMe is a name that is given to a Trojan that is used to make computers load advertisements and click on them. The BrowserMe Trojan is named after ‘BrowserMe.exe,’ which is one of the several EXE files it uses to run. The BrowserMe Trojan is seen promoted on pop-up windows as a program dubbed ‘Chrome_Font.exe’ that needs to be installed if you intent to load pages on the Internet properly. The BrowserMe Trojan is very similar to Trojan.Clicker MSIL.Agent and Adware.RekloPay in behavior. The BrowserMe Trojan depends on the presence of Google Chrome on the infected machine. PC security researchers reveal that the BrowserMe Trojan is designed to interact with Google Chrome, run a shadow instance of the browser and open advertisements. The BrowserMe Trojan clicks on ads and claims revenue for its...

Posted on January 20, 2017 in Trojans

iPrivate Multi Search

The iPrivate Multi Search software is promoted at ienjoyapps.com/utilities/iprivate/ as a program that would enable to search the Web without being tracked. Moreover, users are suggested that the iPrivate Multi Search does not collect information on their search queries and the links they click on. The iPrivate Multi Search software is a suite of extensions for Google Chrome that includes iPrivate Search Plus, iPrivate Now, iPrivate MultiSearch and iPrivate Search. The words used at ienjoyapps.com/utilities/iprivate/ to describe iPrivate Multi Search are: ‘With iPrivate you can search the web without tracking your search history or any personally identifiable information Turn your search private with iPrivate With iPrivate chrome extensions now you can search the web without tracking your search history or any personally...

Posted on January 20, 2017 in Possibly Unwanted Program

‘webmafia@asia.com’ Ransomware

The tag ‘webmafia@asia.com’ Ransomware is used by cyber security companies to specify an encryption Trojan. The ‘webmafia@asia.com’ Ransomware Trojan is a variation of the Dharma Ransomware that uses a new file marker, obfuscation layers, packaging and a slightly modified encryption engine. The ‘webmafia@asia.com’ Ransomware is deployed to users via a spam campaign. The spam emails may look like legitimate messages from trusted services like Facebook, PayPal and Amazon. The distributors of the ‘webmafia@asia.com’ Ransomware are known to use images, logos and phishing domains to convince users to download and open the payload that carries the installer for the Trojan. In most cases, the ‘webmafia@asia.com’ Ransomware is introduced into systems by suggesting users enable the...

Posted on January 20, 2017 in Ransomware

Win Tuneup Pro

Win Tuneup Pro is advertised as a Registry optimizer that can suit the needs of professionals and regular users alike. Computer users that are interested in scanning their Registry for problems can download Win Tuneup Pro from Wintuneuppro.com for free. PC users are not required to pay a fee before they download and install the Win Tuneup Pro software. Win Tuneup Pro comes with a trial period that grants users with limited access to its functionality. For example, you can benefit from the scan engine of Win Tuneup Pro and receive results daily. The results page generated by Win Tuneup Pro may offer extended information on the problems detected on your system and offer a solution. The trial version of Win Tuneup Pro might display numerous problems related to your OS and suggest that your OS is in critical condition. The warnings shown...

Posted on January 20, 2017 in Possibly Unwanted Program

Secure-finder.org

Secure-finder.org is presented to Web surfers as a more secure and reliable alternative to giants like Bing.com and Google.com. Secure-finder.org claims to offer search functionality to its users that do not include tracking cookies as opposed to the traditional search experience on competing services. Computer users that like the idea behind Secure-finder.org are offered to install a browser extension to their browser and make sure they are presented with search suggestions by Secure-finder.org in their search bar and Omnibox. The Secure-finder.org extension is available for Safari, Google Chrome and Mozilla Firefox. Web surfers that install the Secure-finder.org extension should make sure to read the F.A.Q. section and the terms of service agreement. Secure Finder claims to make an effort at keeping your searches private, does not...

Posted on January 19, 2017 in Browser Hijackers

Fanli90.cn

Fanli90.cn may seem like a site that offers fun content generated by visitors. However, the moderators at Fanli90.cn failed to notify their users that they are presented with content from another site. Moreover, there is no credit given to the original site, and you may be provided with links to phishing messages. What we are talking about is that Fanli90.cn presents its visitors with content from Fmylife.com and advertisements from insecure advertisements networks. We have received reports that users may be redirected to Fanli90.cn when they open a new tab and click on links on their favorite pages. An investigation was initiated, and there may be a browser hijacker program pushed to users via free software bundles. Fanli90.cn is added to the naughty list of several Web filters like Websense ThreatSeeker and Sucuri. Browser...

Posted on January 19, 2017 in Browser Hijackers

Crypto1CoinBlocker Ransomware

Cyber security researchers identified the Crypto1CoinBlocker Ransomware as an upgraded version of the Xorist Ransomware that was spotted earlier in 2016. The Crypto1CoinBlocker Ransomware features new obfuscation layers, new phishing messages are used for its distribution, and the encryption engine supports the RSA-2048 algorithm. Additionally, the format how files are marked is changed and follows the pattern . . . Researchers found that the initial release of the Crypto1CoinBlocker Ransomware is associated with the address 1AcTiv7HDn82LmJHaUfqx9KGG55P9jCMyy. Thus, ‘Black sand.pptx’ is transcoded to ‘Black sand.pptx.1AcTiv7HDn82LmJHaUfqx9KGG55P9jCMyy and the content is encrypted in its entirety, not just the first few bytes of the file as it was the case with the Jager Ransomware . Analysts that worked with...

Posted on January 19, 2017 in Ransomware

Satan Ransomware

The Satan Ransomware is not a single product of a threat actor but a representative of what experts call Ransomware-as-a-Service. The Satan Ransomware is a Trojan that is offered for rent by its developers. What customers get when they buy the Satan Ransomware includes a kit to customize the crypto-threat, access to ‘Command and Control’ servers hosted on the developer’s platform, and 70% of the profit generated by their custom build of the Satan Ransomware. The RaaS platform was introduced with the Encryptor RaaS and ORX-Locker in July 2015 and expanded later with the addition of Stampado and Cerber in 2016. There are posts on the Satan Ransomware on the Dark Web as far bask as August 2016. However, the Satan RaaS platform was publicly reported on January 19th, 2017 and was promoted as a ‘free to use...

Posted on January 19, 2017 in Ransomware

garryweber@protonmail.ch Ransomware

The ‘garryweber@protonmail.ch’ Ransomware is a basic encryption Trojan that does not come with a tacky name such as the HakunaMatata Ransomware . Cyber security investigators reported that the ‘garryweber@protonmail.ch’ Ransomware Trojan is sent to users in Brazil and neighboring countries with phishing messages. The ‘garryweber@protonmail.ch’ Ransomware Trojan features basic obfuscation layers and evasive techniques, which make investigators think that it is not the work of an experienced threat actor. The rise of crypto-threats like Cerber and Locky brought many programmers of all levels into the market of ransomware in 2016. Thus, Trojans like the ‘garryweber@protonmail.ch’ Ransomware sprung up and targeted users in particular countries. We can mention the Korean Ransomware and...

Posted on January 19, 2017 in Ransomware

CryptoShadow Ransomware

The CryptoShadow Ransomware is a member of the expanding family of encryption Trojans based on the HiddenTear project. Since the HiddenTear project was published on Github.com in the summer of 2016, it was used for the development of many encryption Trojans. The CryptoShadow Ransomware was reported on January 19th, 2017. The threat does not feature a plethora of distinct features compared to other variants based on HT such as HiddenPeach and the MafiaWare Ransomware . PC security experts that worked with samples of the CryptoShadow Ransomware reveal that the Trojan may be introduced to computers using corrupted text documents. Researchers reported that there is an executable named ‘iexplorer.exe’ that served as the encryption engine for the CryptoShadow Ransomware. The author of the CryptoShadow Trojan made...

Posted on January 19, 2017 in Ransomware

Gmail Phishing Scam Rapidly Spreading to Trick You Out of Your Google Account Login Credentials

Let’s face it; hackers have no mercy when it comes time that they exploit computer users through their naiveté or lack of enough knowledge to avoid becoming the next victim of data and identity theft . As it turns out, hackers are actively peddling a quite massive and aggressive phishing campaign that is seeking the login credentials to Gmail accounts. Hackers behind an enormous Gmail phishing campaign have employed sophisticated automation feature code onto websites that look to mimic a Gmail login page. The phishing technique used is one that is actively tricking Internet users into unknowingly give hackers access to their Gmail accounts. The act of Phishing, which is known as a process where a website or web page is created to closely resemble a legitimate site, dates nearly as far back as the age of the Internet. In...

Posted on January 19, 2017 in Computer Security

‘powerfulldecrypt File Extension’ Ransomware

The detection name ‘.powerfulldecrypt File Extension’ Ransomware is used to specify an encryption Trojan that is based on the SamSam (Samas) Ransomware . The detection name ‘.powerfulldecrypt File Extension’ Ransomware is used as an easy way to distinguish a version of SamSam that is programmed to use the ‘.powerfulldecrypt’ extension when it marks files as encrypted. The ‘.powerfulldecrypt File Extension’ Ransomware emerged after the ‘.VforVendetta File Extension’ Ransomware and the Dr. Fucker Ransomware that are members of the Samas family of Trojans. The new variant dubbed the ‘.powerfulldecrypt File Extension’ Ransomware was added to the databases of security vendors on January 14th, 2017. PC security experts suspect that affected users were compromised...

Posted on January 18, 2017 in Ransomware

‘wuciwug File Extension’ Ransomware

The detection ‘.wuciwug File Extension’ Ransomware is used by security vendors regarding a variant of the Globe3 Ransomware . The ‘.wuciwug File Extension’ Ransomware is not very different from the main version of the Trojan. Evidently, the Trojan is using the ‘.wuciwug’ file extension to mark the encrypted files and it is the most prominent difference. For example, ‘Metal halide lamp.pptx’ is transcoded to ‘Metal halide lamp.pptx.wuciwug’ and the original file is deleted permanently. Other traits of the ‘.wuciwug File Extension’ Ransomware remain consistent with the ransom family it belongs to. The ‘.wuciwug File Extension’ Ransomware may be downloaded to computers when the user runs a bad macro from a text document and a PDF file. The distribution...

Posted on January 18, 2017 in Ransomware

Ploutus

The Ploutus malware is a Trojan that appeared in 2013 in Mexico and resurfaced on security scans in November 2016 with a new version. Ploutus is a Trojan that is designed to work on ATMs powered by the Windows OS. Ploutus can interact with the latest versions of Windows and Windows XP as well. Cyber security experts that were investigating empty ATMs revealed that the physical integrity of the machines was compromised to access the inside mechanisms and install the Ploutus Trojan. The initial release of Ploutus was designed to release cash when an external keyboard is connected to the infected ATM, but the new version features a significant improvement. The new version comes with a launcher that makes attempts at identifying security tools and killing them. Also, samples of Ploutus showed that the Trojan is using a better .NET...

Posted on January 18, 2017 in Trojans

‘0-800-090-3853’ Pop-Ups

The ‘0-800-090-3853’ dialog boxes in your browser may seem like security alerts from Microsoft, but they are not. The ‘0-800-090-3853’ warnings that refer to ‘Error # SL9DW61’ are phishing messages hosted on untrusted pages, and you should not perceive them as legitimate messages from the Microsoft Corp. The designers of the ‘0-800-090-3853’ pop-ups made an effort to fool users into thinking that they can contact help from Microsoft by calling the 0-800-090-3853 phone line. The number is not registered to a certified computer support agency, and you may want to avoid conversation with the staff on the 0-800-090-3853 phone line. As stated before, the ‘0-800-090-3853’ dialog boxes are generated on untrusted pages, which we have listed before and numbered more than two dozens....

Posted on January 18, 2017 in Adware
1 2 3 4 5 6 7 8 9 10 11 1,118