Spam

Users may receive fake e-mail letters asking to verify their MetaMask wallet as part of completing the KYC verification process. MetaMask is one of the most popular digital wallets allowing people to store and transfer crypto assets, such as Ethereum. Such messages sent under the MetaMask name belong to phishing e-mail spam campaigns, which are designed to trick users into exposing their wallet credentials. Specifically, cybercriminals urge users to click on attached buttons or links leading to a phishing website. This website, therefore, asks users to provide their secret wallet keyword phrase to ostensibly pass the aforementioned verification. Unfortunately, doing so will simply enable cybercriminals to hack the wallet and steal money from it. Note that e-mail scam messages tend to use various psychological tricks to destabilize users' thinking and force them to make rushed decisions - for instance, the fake MetaMask letter stated the account will be restricted unless users complete verification within the specified date. While some details and even the appearance of e-mail scam messages may be sent by various threat actors and therefore vary from user to user, their purpose often remains the same - to scam naive users or download malware into the system. Thus, it is important to beware of such messages and not trust what they say. Always double-check the claimed information on the official website of the service involved, even if the message seems totally legitimate. In addition, we encourage you to read our guide and learn about other dangers of e-mail spam messages and aversion techniques against them.

"Summon To Court For Pedophilia" is one of the countless fake e-mail spam messages attempting to convince users they have been accused of doing some illegal activity. This specific spam campaign pretends to be a government entity that summons "offenders" to show up in court and participate in the judicial process related to pedophilia crimes. This fake e-mail has mainly been distributed in two versions - one in French and another in Lithuanian, English, and Dutch (note that other versions may be as well). The subject titles that these e-mails included were often "Fwd_ N°5326EU-FR2022 PROCÈS VOUS CONCERNANT..eml" and "šaukimas į teismą Nr. 9941/2022.". Cybercriminals behind such e-mails use a number of visual elements to convince the recipients, such as images and logos of official governmental bodies, highlighted text lines, deadlines, and so forth. They accuse recipients of being involved in pedophilia, sex trafficking, child pornography, and other crimes, which must be justified within 72 hours unless recipients want to bear severe consequences. Please note that the information stated in such e-mail is completely fake and propagated by threat actors themselves, not by governmental bodies or any other kinds of legitimate entities. The goal of cybercriminals who spread such e-mails is simply to trick users into contacting them. Afterwards, swindlers might ask to provide sensitive and private information, pay "fines", or perform other actions. Thus, it is important to ignore such e-mails and do not do what they say. In addition, you should never open links or attachments from such letters as they can be designed to distribute malware infections and other potentially dangerous content. Read our guide to learn other dangers of e-mail spam messages and aversion techniques against them.

"I have to share bad news with you" is one of the numerous e-mail spam campaigns that pursue to trick users into believing falsified information. This specific scam type claims the user's system has been infected with a Trojan program, which therefore allowed threat actors to record sensitive information and content using a microphone, webcam, keyboard, and other input/output devices of the infected computer. Various browser activities are also said to have been tracked by the malicious program. The message claims the trojan virus recorded footage of the recipient watching adult (pornography) websites, which "will be published" unless $950 dollars are paid to the attackers within 48 hours (deadlines and ransom amounts may vary). The reason "will be published" is written in quotes is simply because all the threats made in such e-mail spam messages are fake and have nothing to do with what they claim. This and hundreds of other e-mail scam campaigns are used to deceive inexperienced users into trusting forged information and facts, making transfers of money to scammers, opening malicious attachments or links, and providing sensitive information on fake log-in websites. Thus, never trust messages that look doubtful and suspicious, especially if they attempt to impose some ostensibly real threats or other kinds of tricks. Read our guide to learn the dangers of other e-mail scam types in more detail as well as explore aversion techniques of such messages in the future.

Qtumcoin.net is a fraudulent e-mail spam campaign targeting a large number of recipients worldwide. Its purpose is to trick inexperienced/unattentive users into opening a fake Qtum website and investing their money in it. The message's subject can display "Bitcoin Payment Successfull" (or a similar heading) and state an eye-catching text with information about a whopping amount of 85.7777 BTC that has been deposited to the user's Bitcoin wallet. To confirm the balance, threat actors say it is necessary to follow a link leading to the qtumcoin.net website. In fact, this webpage is fraudulent and should not be mistaken for the official Qtum cryptocurrency page - qtum.org. Scammers promoting this or similar fake pages use them to steal money from inexperienced users. E-mail is a very popular and cheap channel that gets constantly abused by cybercriminals to deliver countless fraudulent, unsolicited and even malicious letters. This is why it is important to be cautious when receiving e-mails from unknown and untrusted sources, especially if they contain requests for personal information or financial investments. Do not trust e-mail messages from unverified senders that contain flashy headlines and suspicious content offering to open or download something (be it attachments or links). Read our guide with useful tips on how to avoid such e-mail scam techniques and lower the chance of their delivery.

"Professional Hacker Managed To Hack Your Operating System" is a popular spam message designed to bait inexperienced users into thinking their computer has been hacked and therefore used for extracting explicit/private content from it. In fact, all the claims made by this or similar spam messages are fake and have nothing to do with what they say. The message usually claims that cybercriminals gained access to various recording devices (e.g., camera, microphone, screen) and have used them for recording sensitive content without users' permission over the course of several months. It is said that threat actors managed to infiltrate a spyware virus which allowed them to get explicit recordings of e-mail recipients watching adult content on pornography websites. To keep the non-existent recordings unpublicized, scammers give 50 hours to pay 850 USD or 1750 EUR in Bitcoin cryptocurrency - or otherwise, the content will be leaked and shared with users' contacts. As we already mentioned, the "Professional Hacker Managed To Hack Your Operating System" and other similar spam campaigns are designed to spread fake information and make users believe in non-existent threats. Thus, paying scammers is pointless and will simply end up being a waste of your money. Even if sometimes such messages partially coincide with what a person was doing, there is still nothing to worry about due to the aforementioned. Spam messages are countless and can be titled in different ways, such as "Your personal data has leaked due to suspected harmful activities.", "Ihre persönlichen Daten sind wegen des Verdachts auf schädliche Aktivitäten nach außen gelangt." and so forth. Beware of such messages and read our guide with useful tips on how to avoid such e-mail scam techniques and lower the chance of their delivery.

"Your Mailbox Is Full" is a widespread spam campaign that distributes fake messages saying users have overstuffed their mailbox storage and need to update it. The subject of such spam messages often contains titles like "Your mailbox is full", "ERROR ID: Mail-box storage full UPGRADE NOW!!!", or others depending on the spam variant. Inside the message, users are usually encouraged to click the "UPGRADE HERE", "UPGRADE STORAGE" or similar buttons to get more storage space for sending and receiving messages. In fact, all claims made by this spam campaign are fake and must not be trusted. The button that cybercriminals ask users to click simply leads to a phishing web page that requires entering e-mail login credentials. Please note that any properly-entered login credentials on phishing websites will most likely be recorded and become visible to threat actors standing behind this phishing affair. As a result, the collected data may not only be used for accessing e-mail accounts, but also for stealing other accounts (e.g., social media, e-wallet services, messengers, and so forth) that were registered with the same credentials. Social media accounts like Facebook may thereafter be manipulated for pretending to be the original owner and asking for loans from friends. Thus, if you got lured into entering details on the phishing website, we strongly advise you to change the password of your e-mail and other accounts that could potentially be exposed to the hijackers. Never become a victim of such spam techniques again and read our guide below to get effective tools for protecting yourself against them.

Voicemail email spam is one of many email spam campaigns employed by cybercriminals around the web. It is designed to make users believe they received an actual voice message. One such email letter that got under our observation displayed information caller's name, number, and also the duration of the voicemail. In order to open this voicemail, users are given instructions to click on the button ("Preview voicemail") or link and enter their log-in details (email address and password). While such email letters may vary in their content, the purpose usually remains the same - to urge inexperienced users into entering their log-in credentials on a phishing page or downloading some malicious file/program. Please note that entering personal data on such websites is dangerous and will most likely expose your log-in credentials to cybercriminals. If the entered details are correct, this will allow cybercriminals to hijack associated accounts and steal them afterward. The stolen accounts may therefore be used for scamming other people by impersonating the account owner's name, for instance, on various social media. And since such people may identify the user as a person they already know, they are more likely to perform actions requested by cybercriminals (e.g., lend money, open a malicious link/file, and so forth). Furthermore, cybercriminals may also attempt to access banking-related accounts and perform unauthorized transfers of money. If you became a victim of voicemail email or other spam techniques, immediately change your passwords for accounts that might be in danger. It is highly recommended to create different passwords for each account in use as it will decrease the risk of major account loss/damage in case of a password leak. Read our guide below to find out about how fraudulent schemes tend to infect systems; what one should do if he detects a scam; if an e-mail is continuously under consistent spam attacks; and other steps to keep your e-mail spam-free.

Payroll Timetable is a malicious e-mail campaign designed to trick users into downloading a devastating trojan called TrickBot. Developers in charge of this campaign send thousands of identical messages representing fake information about some payroll timetable. By impersonating the name of a legitimate company named PricewaterhouseCoopers and pretending to be its employees, cybercriminals encourage users to review some "irregularities" by opening the attached file. Such text is usually random to users and simply meant to raise curiosity for opening a malicious attachment in .docx, .xls, or other MS Office formats. If you ever receive a message accompanied by some attachment, chances are, this is an attempt to deliver a virus infection. The distributed TrickBot trojan is meant to record sensitive information (e.g., passwords, usernames, e-mails, etc.) and use it for stealing related accounts. The scope of cybercriminals is especially towards various finance-related applications, such as pocket banks or crypto-wallets. Unfortunately, if you trusted the Payroll Timetable e-mail message and opened the attached document, then your system is more likely infected. Use our guide below to avert the damage by running complete deletion of the infection.