Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles , the days of robbing...

Top Articles

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net , and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms like Princess Games , GamesRockit and TikiArcade . The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims’ files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware’s ransom note, computer users have one week to pay the ransom amount before this amount is doubled. As the Cerber Ransomware encrypts the victim’s files, it creates TXT, HTML, and VBS files named ‘DECRYPT MY FILES’ with instructions on how to pay the Cerber Ransomware’s ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom notes, the...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor differences from previous versions of this threat. However,...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term ‘GoogleTM Custom Search,’ despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine’s claims. Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack the computer users’ Web...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn’t you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing ‘Advanced’ or ‘Custom,’ used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim’s computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware . The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim’s files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim’s files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. When the Zepto Ransomware is installed on the victim’s computer, it...

Posted on June 29, 2016 in Ransomware

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim’s files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim’s computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user’s files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from...

Posted on September 11, 2013 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

From Doc to Pdf Toolbar

The From Doc to Pdf Toolbar is a creation of Mindspark Interactive Network Inc. and a Possibly Unwanted Program that computer users can download from its website, Fromdoctopdf.com. The From Doc to Pdf Toolbar may attract the attention of computer users that need to convert their files to .docs because it promises to convert PDF, DOC, TXT, RTF, XLS, PPT, BMP, JPG, TIFF and more to .doc as long as they are installed on a computer running Windows 7, 8, 10, Vista, and XP. However, the From Doc to Pdf Toolbar may replace your new tab page or homepage to MyWay.com. Although downloaded and installed by the computer owner, the offered functions of From Doc to Pdf Toolbar may be unwanted. If you installed the From Doc to Pdf Toolbar on your machine but is not satisfied with its adverse secondary effects, you should consider uninstalling From...

Posted on July 24, 2013 in Potentially Unwanted Programs

Tor Malware

The Tor Malware infection has appeared in the news due to its use in a high profile police case that helped take down various TOR websites involved with child pornography and other illegal activities. Taking advantage of a bug in the Firefox build on which TOR is based, law enforcement officials were able to create a Tor Malware infection that sends the location of the infected computer to the person controlling the Tor Malware infection. This proved to be essential in taking down illegal content on TOR which is specifically designed to hide computer users and provide notoriously hard to crack anonymity. The Tor Malware infection that is being used currently has been targeting the number one TOR target, Freedom Hosting. The main reason why these Web pages have drawn the attention of law enforcement is that they were usually used to...

Posted on August 7, 2013 in Malware

Mapsgalaxy Toolbar

The Mapsgalaxy Toolbar is a Potentially Unwanted Program (PUP) that may cause various unwanted actions on web browsers. You can find the official site of the Mapsgalaxy Toolbar on Free.MapsGalaxy.com/index.jhtml. It is offered to users free of charge and claims to deliver the best directions and mapping tools on the Web. Some users may think that the Mapsgalaxy Toolbar is the perfect travel companion and wish to install it on their laptop. The Mapsgalaxy Toolbar is available for Mozilla Firefox and Google Chrome as a CRX, XPI file, or .exe file. However, the Mapsgalaxy Toolbar is categorized as a PUP or Potentially Unwanted Program. Although the Mapsgalaxy Toolbar may have some legitimate uses, it may be associated with other search engines and potentially misleading advertisements. Inconvenient Alterations Linked to the Mapsgalaxy...

Posted on September 10, 2013 in Potentially Unwanted Programs

OnlineMapFinder

OnlineMapFinder is a potentially unwanted program (PUP) that is advertised at Free.onlinemapfinder.com/index.jhtml as a premium Web-app. The OnlineMapFinder application is developed by Mindspark Interactive Network, Inc. and is described at Free.onlinemapfinder.com/index.jhtml as “Maps, Driving Directions and more in one Chrome New Tab” briefly. The OnlineMapFinder application works as a browser extension/add-on that you can attach to Internet Explorer, Google Chrome, and Mozilla Firefox. You may find the OnlineMapFinder useful if you are traveling around the world with a laptop on your back. The OnlineMapFinder app may load exciting content from sources like Maps.nationalgeographic.com, Historicaerials.com, and Mapquest.com. OnlineMapFinder may be eliminated by going through the web browser add-ons and extensions menu to...

Posted on March 4, 2014 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

Social2Search Ads

Computer users that favor social media when it comes to choosing a fast and reliable method for staying connect to their friends may be interested in the Social2Search software. The Social2Search program is advertised as ‘a social search engine that gives you access to the knowledge of your friends.’ In other words, the Social2Search software allows you to use a custom search engine at Social.search.com to browse content that your contacts like, share and upload to Facebook, Twitter, Instagram, Pinterest, LinkedIn and Google+. The Social2Search application works as a browser extension that might change your default search engine and homepage settings to customize your Internet experience. The idea behind the Social2Search extension may sound great, but you should avoid installing it. Security researchers reveal that the...

Posted on May 5, 2016 in Adware

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install the Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case of...

Posted on October 2, 2016 in Adware

Fanli90.cn

Fanli90.cn may seem like a site that offers fun content generated by visitors. However, the moderators at Fanli90.cn failed to notify their users that they are presented with content from another site. Moreover, there is no credit given to the original site, and you may be provided with links to phishing messages. What we are talking about is that Fanli90.cn presents its visitors with content from Fmylife.com and advertisements from insecure advertisements networks. We have received reports that users may be redirected to Fanli90.cn when they open a new tab and click on links on their favorite pages. An investigation was initiated, and there may be a browser hijacker program pushed to users via free software bundles. Fanli90.cn is added to the naughty list of several Web filters like Websense ThreatSeeker and Sucuri. Browser...

Posted on January 19, 2017 in Browser Hijackers

More Articles

75% of Ransomware Originates from Russian Hackers

In the world of hacking, there is a major force to reckon with that comes out of Russia and its name is ransomware. Even though Russia isn’t the only place that malware originates from, it has recently been found to be the home to the creation of about 75% of all ransomware. According to a senior malware analyst at Kaspersky Lab from the discovery of popular families of, about 75% of all ransomware is created by Russian-speaking hackers and cyber criminals. The shocking fact that most ransomware is coming from Russia or Russian-speaking people only adds to today’s political discourse and raises many questions. Ransomware, as we know it, is among the most dangerous and destructive malware since the existence of computers and the Internet. Most common forms of ransomware as of late have been made up of aggressive malware...

Posted on February 21, 2017 in Computer Security

Nonereblock Ads

Riskware may generate the Nonereblock ads on Google and other search engines you load in the browser. The Nonereblock riskware is a program that is marketed as a tool that can allow you to browse any Web page on the Internet without fear of censorship. The services provided by Nonereblock are advertised at Nonereblock.com and rely on a custom wpad.dat file imported in the OS. The Nonereblock service is ad-supported, and users should expect to find sponsored ads, banners and promotional videos that carry the slogan ‘Powered by Nonereblock’ on pages they visit. As mentioned before, the Nonereblock riskware uses a custom-built wpad.dat, which stands for Web Proxy Auto-Discovery Protocol. The wpad.dat file that comes with Nonereblock is coded to reroute all your Internet queries via a Web proxy. The Web proxy is a server that...

Posted on February 21, 2017 in Adware

‘Happydayz@india.com’ Ransomware

The ‘Happydayz@india.com’ Ransomware is a version of the Globe Ransomware that is associated with the happydayz@india.com email account. The ‘Happydayz@india.com’ Ransomware is an encryption Trojan that was reported on February 19th, 2017 and appears to work as other Globe-variants that includes the ‘Hnumkhotep@india.com’ Ransomware and the ‘Rescuers@india.com’ Ransomware . The ‘Happydayz@india.com’ Ransomware is delivered to users via traditional mechanisms such as a massive spam campaign and corrupted text documents that may look like notifications from trusted companies and banking institutions. PC users that work with spreadsheets and text documents on a daily basis should make sure they have disabled the macro functionality in their office and at least limit the...

Posted on February 21, 2017 in Ransomware

VHDLocker Ransomware

The name of the VHDLocker Ransomware is derived from the analysis of its operations. The VHDLocker Ransomware is an unusual Trojan that works like the CryptoHost Ransomware and transfers files from one location to another. However, the VHDLocker Ransomware moves the files to a virtual hard drive (cloud storage like Google Drive) instead of creating a data vault on the PC. Hence, VHDLcoker is an abbreviation for Virtual Hard Drive Locker. Affected users are presented with a short text that explains what happened with their files and that they need to transfer 0,5 Bitcoin (546 USD/516 EUR) to a certain wallet address. Instructions on how to access the virtual hard drive are supposed to be delivered to an email account of your choosing Needless to say, the data extracted by the VHDLocker Ransomware is possible to be used in doxing...

Posted on February 21, 2017 in Ransomware

XYZware Ransomware

The XYZware Ransomware is an Encryption Trojan that is named after the file XYZware.exe, which the threat is known to use. Computer security researchers discovered the XYZware Ransomware while looking into cases that involve the cyberking@indonesianbacktrack.or.id email account. Users that were compromised by the XYZware Ransomware were invited to write to cyberking@indonesianbacktrack.or.id and pay a ransom to recover access to their files. The XYZware Ransomware is using the AES-128 and the RSA-2048 ciphers to lock access to the content on the computer. That way, the threat puts the users into a position where they are deprived of their data, and the only way to recover their files is to deliver payment and hope they would receive the proper decryption key and software. Researchers note that the XYZware Ransomware may be installed...

Posted on February 21, 2017 in Ransomware

Search.chipopo.info

The Search.chipopo.info is a search portal that is not a safe place to start your online session and be used for searches. The Search.chipopo.info site is related to untrusted redirect-gateways like Feed.snowbitt.com. PC users reported that their browser is hijacked and loads Search.chipopo.info as the start page and new tab page by default. Cyber security investigators that received reports for problems with Search.chipopo.info looked into the matter and revealed that Search.chipopo.info features a custom-built Google search engine. The custom version of Google on Search.chipopo.info may load content from phishing pages and reroute users through sites that host tools like the Neutrino Exploit Kit and the CrimeBoss Exploit Kit . If you experience redirects via Search.chipopo.info, it is possible to be infected with the Chipopo...

Posted on February 21, 2017 in Browser Hijackers

Searchbuw.ru

The Searchbuw.ru portal that is registered to the 46.4.235.72 IP address is recognized as untrusted, and Web surfers are not recommended to browse content and pages related to Searchbuw.ru. The portal is associated with a browser hijacking software that may be distributed to users via free software bundles. The program related to Searchbuw.ru may use batch files to alter the configuration of Internet clients like Internet Explorer, Mozilla Firefox, Opera and Google Chrome. The Searchbuw.ru browser hijacker may alter the parameters of the shortcuts for your Internet client and make it load one of the following files instead of the legitimate executable: chrome.bat.exe firefox.bat.exe iexplore.bat.exe opera.bat.exe Researchers have uncovered that the Searchbuw.ru browser hijacker may host its files in the Roaming folder...

Posted on February 20, 2017 in Browser Hijackers

AdSentinel

Computer security researchers alert of the AdSentinel (a.k.a. RealTimeLeads) adware that may use a Privoxy proxy server to introduce advertisements to unaffiliated pages and generate pay-per-click revenue for its creators. The AdSentinel adware may land on machines that run the latest version of Windows and run as AdSentinel.exe, which is visible in the Task Manager. AdSentinel (a.k.a. RealTimeLeads) adware is a program that reroutes all of the user’s Internet traffic via a customized Privoxy proxy server. Additionally, AdSentinel adds a JavaScript code to the header and footer of pages you load to display promotional materials. The AdSentinel adware may add keys to the following classes in the registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\...

Posted on February 20, 2017 in Adware

GetCouponsFast Toolbar

The GetCouponsFast Toolbar, also seen as GetCouponsFast New Tab, is a program that is marketed as a helpful tool that can help you find coupons for food fast. The GetCouponsFast program can be found at Getcouponsfast.com and requires integration with browsers like Internet Explorer, Google Chrome and Mozilla Firefox. Computer users that are interested in using the GetCouponsFast Toolbar should make sure to read the terms of use at Eula.mindspark.com/tos/ because you might want to be aware of what to expect from products of Mindspark Interactive Network, Inc. PC security researchers reveal that the GetCouponsFast Toolbar is released as a re-branded and modified version of the CouponXplorer Toolbar and has much in common with the ListingsPortal Toolbar and the FindMeFreebies Toolbar . GetCouponsFast may arrive on the computer in...

Posted on February 20, 2017 in Possibly Unwanted Program

‘024-7718-0138’ Pop-Ups

Web surfers that experience the ‘024-7718-0138’ pop-up windows in browsers like Google Chrome, Internet Explore, Edge, Opera, and Mozilla Firefox should ignore them. The ‘024-7718-0138’ pop-up windows may be presented on a background that is a screenshot of Support.Microsoft.com and suggests that your PC is blocked due to ‘suspicious activity on the device.’ Web surfers may be redirected to pages that host the ‘024-7718-0138’ messages created by browser hijackers to display bad advertisements. We have seen the ‘024-7718-0138’ messages on ha08ds17456[.]club. The site is registered to the IP address: 104.28.29.184 and further investigation revealed that it has clones loaded on the same IP, which includes: 45can[.]com 6094567[.]top habercioyunlarin[.]xyz The IP...

Posted on February 20, 2017 in Adware

Kasiski Ransomware

The Kasiski Ransomware is an encryption Trojan that was announced to the cyber security community on February 17th, 2017. At first, the Kasiski Ransomware appeared to be another standard crypto-threat, but further analysis uncovered an interesting fact. The Kasiski Ransomware is optimized to run on 64-bit systems, and it cannot encode data on 32-bit Windows OS. The Kasiski Ransomware is aimed at users that speak Spanish and users in countries like Spain, Ecuador, Costa Rica, Puerto Rico, Colombia, and Guatemala may be the primary targets of the Kasiski Ransomware. The Kasiski Trojan may be sent to users as a notification about new changes in terms of service of companies like Facebook, Google Inc., PayPal Holdings, Inc., Instagram and banking institutions. Understandably, many users may open messages that carry the payload of the...

Posted on February 20, 2017 in Ransomware

Winkeyexpired.xyz

The Winkeyexpired.xyz site should not be trusted and may be used for promoting fake technical support services. The layout of Winkeyexpired.xyz consists of a screenshot of the legitimate security alert displayed by the Google Safebrowsing when a user is about to enter a compromised site. The designers behind the Winkeyexpired.xyz site took a screenshot of the legitimate warning and used that as a background to provide credit to the message shown on Winkeyexpired.xyz. Computer users should pay attention to the URL and will notice the suspicious name and the lack of HTTPS encoding. Additionally, browsers that incorporate services like the Google Safebrowsing and the Mozilla Phishing Protection will not use a dialog box to show you a warning but will give you the option to proceed, leave the site and report a false positive. The fake...

Posted on February 20, 2017 in Browser Hijackers

‘800-953-457’ Pop-Ups

The ‘800-953-457’ pop-ups that may feature the title ‘storage.googleapis.com’ should not be trusted. The storage.googleapis.com site refers to the Google Apps Development platform, which we have seen to be exploited by fake technical support companies. The ‘800-953-457’ pop-ups are generated by specially crafted pages hosted on the legitimate storage.googleapis.com service. Con artists are known to exploit legitimate services and use valid digital certificates of third parties and logos of trusted companies to claim credibility. Cyber security experts note that the messages delivered via corrupted pages on storage.googleapis.com may offer misleading information, lead users to phishing domains and recommend users call phone lines like 800-953-457 that are operated by fake computer support agents. We...

Posted on February 17, 2017 in Adware

‘800-098-8052’ Pop-Ups

When we are talking about the ‘800-098-8052’ pop-ups, we speak of phishing messages that are styled like legitimate security alerts. The ‘800-098-8052’ warnings may originate from the urgent-issue-no58734-system.info site and clones such as urgent-issue-no57040-system.info, urgent-issue-no57167-system.info, as well as many others that feature a slightly different number at the end. These sites are registered to the 94.156.35.184 IP address that is added to the blacklist of several Web filtering services including Google Safebrowsing, Mozilla Phishing Protection and Websense ThreatSeeker. The content on the ‘800-098-8052’ pop-ups and associated pages are tailored to look like it comes from the Microsoft Corp. Experts have seen the ‘800-098-8052’ pop-ups include screenshots of Windows 10,...

Posted on February 17, 2017 in Adware

‘844-786-8921’ Pop-Ups

The ‘844-786-8921’ pop-up windows refer to phishing messages loaded on domains that are used to promote the services of fake computer support companies. We have seen the ‘844-786-8921’ messages advertise help with computer problems on the 844-786-8921 phone line and several other lines that are advertised on similar sites. The ‘844-786-8921’ pop-ups are reported to feature a modified screenshot of Support.microsoft.com and logos of Internet browsers like Edge, Internet Explorer, Google Chrome and Mozilla Firefox. Users should not associate the ‘844-786-8921’ messages with legitimate services connected to the Microsoft Corp., Google Inc. and the Mozilla Project. Con artists may use misappropriated digital certificates and hijack SSL certificates of third parties to convince users to call...

Posted on February 17, 2017 in Adware
1 2 3 4 5 6 7 8 9 10 11 1,126