phishing websites Archives

AppWizard

November 17, 2025

Sbazar.cz launches in-app messenger and mobile app

Seznam has launched a new mobile application for its classifieds platform, Sbazar.cz, replacing an outdated version. The app includes the Sbazar Messenger feature to enhance user security and reduce scams. Product manager Jakub Rybár noted the increasing sophistication of fraud attempts, leading to the blocking of 50-100 suspicious accounts monthly. The app centralizes communication to mitigate risks from fake emails and phishing. Mobile users now represent over half of the site's traffic, and the app offers functionalities such as account management, listing creation and editing, and push notifications. Sbazar.cz is the third most popular classifieds site in the Czech Republic, with 3.4 million visits in October, trailing Bazos.cz and Aukro.cz. Seznam also manages other platforms, including Sauto.cz and Sreality.cz.

AppWizard

October 9, 2025

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A sophisticated Android spyware campaign called ClayRat is targeting users in Russia through Telegram channels and deceptive phishing websites that mimic popular applications like WhatsApp and TikTok. Once activated, ClayRat can exfiltrate sensitive data such as SMS messages and call logs, access device information, take photos, and send messages or make calls from the victim's device. It propagates by sending malicious links to all contacts in the victim's phone book. Over the past 90 days, Zimperium has identified over 600 samples and 50 droppers of ClayRat, which uses advanced obfuscation techniques to evade detection. The malware redirects users to fraudulent websites leading to Telegram channels, where they are lured into downloading APK files. Some samples function as droppers, displaying counterfeit Play Store update screens while concealing the actual payload. Once installed, ClayRat communicates with its command-and-control infrastructure and can capture sensitive content, making infected devices automated distribution nodes. Additionally, a study by researchers from the University of Luxembourg and Université Cheikh Anta Diop found that pre-installed applications on budget Android smartphones sold in Africa operate with elevated privileges, with 9% disclosing sensitive data and 16% exposing critical components without safeguards.

AppWizard

October 3, 2025

New Android Spyware Targeting Users by Imitating Signal and ToTok Apps

ESET researchers have identified two Android spyware campaigns targeting users in the UAE, disguised as messaging applications Signal and ToTok. The first spyware family, Android/Spy.ProSpy, poses as upgrades for these apps, while the second, Android/Spy.ToSpy, specifically targets ToTok users. Both malware families were not found on official app stores and were distributed through phishing websites. The ProSpy campaign, active since 2024, uses deceptive sites to offer malicious APK files as enhancements. The ToSpy campaign, identified since mid-2022, targets ToTok backup files and has ongoing operations. Both spyware types collect extensive data, including contacts and SMS messages, and maintain persistent background operations. Google Play Protect offers some defense against these threats, and users are advised to avoid unofficial app installations.

AppWizard

October 2, 2025

Signal Messenger Impersonated in ‘ProSpy’ Android Spyware Campaign

ESET researchers have identified two Android spyware campaigns, ProSpy and ToSpy, which masquerade as secure messaging apps, Signal and ToTok. These malware families were first detected in June 2025 and are distributed through phishing websites and fake app marketplaces. ProSpy, which mimics a “Signal encryption plugin” or an enhanced ToTok, extracts sensitive user information, including SMS messages, contacts, and device metadata, after gaining permissions. It disguises itself as “Play Services” to avoid detection. ToSpy, discovered concurrently, seeks to capture specific files related to ToTok backups and collects various document types. Both malware types maintain long-term access to infected devices and have been reported to Google, resulting in Play Protect blocking their known variants. The main targets of these campaigns are users in the United Arab Emirates.

Tech Optimizer

September 28, 2025

Is it worth paying for antivirus? We reveal why it’s probably not

Businesses often bundle additional services with core products, especially in the antivirus software market, where products are marketed as 'security suites' or 'total protection.' The primary role of antivirus software is to protect against malware, including harmful downloads and phishing websites. Analysis shows that the best free antivirus programs offer protection comparable to paid versions, with differences mainly in intrusive ads and upselling tactics rather than essential security features. Premium antivirus features include: - Additional licenses: Paid versions typically cover multiple devices, which is beneficial for households with various devices. - Bundled VPN: Often included in paid packages, but data limits may make them less effective; a dedicated VPN may be a better investment. - System tune-up: Generally overhyped; many free tools offer similar functionalities. - Family/parental controls: Valuable for families, but similar features are available for free through other platforms. - Banking browser: May be useful for those concerned about online banking security, but effective antivirus should already provide adequate protection. - Ransomware protection: Important for those particularly worried about ransomware, as premium features may offer additional monitoring. Overall, while premium antivirus software may provide extra features, the core protection from free versions is often sufficient for most users.

Tech Optimizer

September 10, 2025

Don’t Let Hackers Win, This 60% Off Solution Keeps Your Identity Safe at All Times

In 2024, there are over 600 million cyberattacks each day, with more than 1.7 billion individuals affected by data breaches in the past year, equating to nearly 54 people targeted every second. Avast is offering significant discounts on its paid cybersecurity solutions, including a 60% discount on the Premium Security package and the Ultimate plan. The Premium Security package covers one device and includes features like virus blocking and ransomware protection, while the Ultimate plan adds a SecureLine VPN, Cleanup Premium, and AntiTrack technology.

Tech Optimizer

August 15, 2025

The best antivirus software 2025

Antivirus software enhances security for desktop PCs, laptops, and mobile devices, protecting against threats like phishing, ransomware, and malware. Modern solutions provide alerts for untrusted websites and conduct regular scans. Bitdefender Total Security is recommended as the top antivirus, compatible with multiple platforms and offering features like anti-phishing protection and a built-in VPN. Norton Antivirus Plus provides real-time protection for one device and includes a firewall and cloud backup. McAfee offers antivirus protection across various platforms with additional features like a VPN and password manager. Surfshark provides basic antivirus functionality within its VPN packages. ESET Protect is tailored for small to medium-sized businesses, offering customizable security solutions. AVG offers a robust free antivirus option with thorough scanning capabilities. Prices for these antivirus solutions vary, with some offering free plans and others requiring annual subscriptions.

AppWizard

August 5, 2025

New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data

McAfee’s Mobile Research Team has identified a malware campaign targeting Android users in India, specifically Hindi speakers. The malware disguises itself as legitimate financial applications from banks like SBI Card, Axis Bank, and IndusInd Bank. It is distributed through phishing websites that mimic official banking portals and uses authentic assets to appear credible. The malware has dual functionality: it exfiltrates personal and financial data and mines Monero cryptocurrency using the XMRig tool, activated remotely via Firebase Cloud Messaging (FCM). It masquerades as a Google Play update, prompting users to install it, which leads to data theft. Upon installation, the malware presents a fake Google Play interface and requests sensitive information, which is sent to a command-and-control server. After data submission, users see a misleading confirmation page. The malware employs a multi-stage dropper to evade detection, with remote activation capabilities that keep it dormant until triggered. Phishing sites promote the malicious APK through SMS, WhatsApp, or social media. McAfee has reported these threats to Google, resulting in the blocking of the associated FCM account. All variants are classified as high-risk, with infections primarily in India but some in other regions. Users are advised to download apps only from Google Play and to be cautious with unsolicited links. Indicators of Compromise (IOCs) include specific APKs for various credit cards and phishing site URLs related to the campaign.

AppWizard

July 7, 2025

Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats

A concerning trend in mobile security shows that malicious applications and spyware are increasingly targeting Android users. Adware, particularly the Android.HiddenAds family, remains the most prevalent threat, despite a decrease in detections. The Android.MobiDash adware trojans have increased by over 11%. The Android.FakeApp malware, which disguises itself as legitimate applications, has seen a 25% decline in activity, primarily targeting Turkish and French-speaking users. The Android.Banker variant has surged by over 70%, indicating a rise in banking trojans. A large-scale crypto theft operation involved the Android.Clipper.31 trojan embedded in a modified WhatsApp version and low-cost Android firmware, which replaces cryptocurrency wallet addresses. Spyware named Android.Spy.1292.origin targets Russian military personnel through a counterfeit mapping application. Malicious applications continue to be found on Google Play, including adware disguised as cryptocurrency news apps and fake finance applications. The open nature of Android poses ongoing cybersecurity risks, even within official app stores.

Tech Optimizer

July 2, 2025

NordVPN blocks 90% of phishing sites and earns AV-Comparatives certification

NordVPN's Threat Protection Pro feature has successfully blocked 90% of phishing websites in independent testing by AV-Comparatives, making it the only VPN with certified phishing protection. This feature has been recognized for two consecutive years for its effectiveness in detecting phishing attempts, surpassing the 85% threshold required for certification. Threat Protection Pro is available to subscribers of NordVPN Plus, Complete, and Ultra plans, while Basic tier users only have access to a DNS filter. NordVPN has also ranked third among 35 competitors for avoiding online shopping scams in 2024 and achieved a 99.8% malware protection rate according to testing by West Coast Labs.