phishing websites Archives

Tech Optimizer

February 11, 2026

NordVPN Stopped Most Phishing Emails in Third-Party Testing, Study Says

NordVPN's Threat Protection Pro blocked 92% of phishing websites in an independent lab test conducted by AV-Comparatives, which evaluated 15 products against 250 verified phishing URLs. The test took place between January 7 and January 19, using Google Chrome for assessments. NordVPN's product ranked fourth, while the top three performers were Avast Free Antivirus and Norton Antivirus Plus (both at 95%) and Webroot SecureAnywhere Internet Security Plus (93%). The software provides protection against phishing attempts and malware infections, even when not connected to a VPN. Phishing attacks have surged by 4,151% since the introduction of ChatGPT in 2022, with companies facing significant financial losses per breach. AI is being used to enhance phishing tactics, including deepfake videos and voice impersonations. Despite its effectiveness, NordVPN's Threat Protection Pro cannot remove existing malware on devices.

Tech Optimizer

January 30, 2026

NordVPN blocks 92% malicious sites in independent phishing test

NordVPN successfully blocked 92% of phishing websites in an evaluation by AV-Comparatives, highlighting the effectiveness of its anti-malware tool, Threat Protection Pro. The assessment, conducted from January 7 to January 19, 2026, analyzed 250 phishing URLs, with NordVPN's Threat Protection Pro ranking fourth among tested products. The tool is designed to protect users from various online threats and operates at the network level, scanning traffic directly on the user's device. Threat Protection Pro is available to higher-tier subscribers on the Plus, Complete, and Ultra plans, and is compatible with Windows and macOS. Despite slipping from previous podium finishes, Threat Protection Pro has consistently ranked high in evaluations and was the first VPN service to receive AV-Comparatives' approval for anti-phishing protection in 2024. It also received accolades from AV-TEST and West Coast Labs for its phishing detection capabilities.

Tech Optimizer

January 13, 2026

Trusted Antivirus Protection for PCs

Your PC requires robust antivirus protection due to its diverse usage, and Windows 11 offers built-in protections that operate seamlessly. Antivirus software, such as Microsoft Defender in Windows 11, protects against threats like viruses, malware, phishing websites, and suspicious email attachments. However, it cannot fully defend against social engineering scams, new ransomware, zero-day vulnerabilities, or risky online behaviors. Microsoft Defender provides automatic threat scanning, works with the Windows firewall, utilizes cloud intelligence, alerts users to unsafe content, and offers ransomware protection. To enhance security, users should keep software updated, use strong passwords, secure their Wi-Fi, enable firewalls, and back up files regularly.

Tech Optimizer

December 30, 2025

NordVPN’s Threat Protection Pro™ ranks third in an independent anti-phishing test

AV-Comparatives conducted the 2025 Anti-Phishing Comparative Test, evaluating the phishing detection capabilities of various antivirus products, browsers, and VPNs using 1,000 phishing URLs. NordVPN's Threat Protection Pro™ achieved a 90% detection rate of phishing websites, ranking third in the evaluation. To qualify for AV-Comparatives’ Anti-Phishing Protection approval, products must detect and block at least 85% of phishing URLs without generating false positives. NordVPN is the only VPN provider to receive this recognition.

Tech Optimizer

December 24, 2025

NordVPN’s Threat Protection Pro™ ranks third in an independent anti-phishing test

AV-Comparatives has released its 2025 Anti-Phishing Comparative Test results, evaluating the phishing detection capabilities of various antivirus products, browsers, and VPNs using 1,000 phishing URLs. NordVPN's Threat Protection Pro™ achieved a 90% average detection rate for phishing websites, securing third place in the test. NordVPN was the first VPN service to receive AV-Comparatives' approval for anti-phishing protection and has maintained this certification, being the only VPN provider with such recognition. To gain AV-Comparatives' approval, a product must detect and block at least 85% of tested phishing URLs without false alarms on legitimate sites.

AppWizard

December 18, 2025

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

A new Android malware campaign has been launched by the North Korean threat actor Kimsuky, introducing a variant called DocSwap. This malware is distributed via QR codes on phishing websites that impersonate CJ Logistics. Attackers use QR codes and notification pop-ups to lure victims into downloading the malware, which decrypts an embedded APK and activates Remote Access Trojan (RAT) capabilities. The malicious app is disguised as a legitimate application to bypass Android's security measures. Victims are tricked into installing the app through smishing texts or phishing emails that mimic delivery companies. The app downloads an APK named "SecDelivery.apk," which then loads the malware. It requests permissions to access various device functions and registers a service that simulates an OTP authentication screen. The app connects to an attacker-controlled server, allowing execution of commands such as logging keystrokes, capturing audio, and gathering sensitive information. Additionally, two other malicious samples have been identified, disguised as a P2B Airdrop app and a trojanized version of the BYCOM VPN app. The campaign also includes phishing sites mimicking popular South Korean platforms to capture user credentials.

AppWizard

November 17, 2025

Sbazar.cz launches in-app messenger and mobile app

Seznam has launched a new mobile application for its classifieds platform, Sbazar.cz, replacing an outdated version. The app includes the Sbazar Messenger feature to enhance user security and reduce scams. Product manager Jakub Rybár noted the increasing sophistication of fraud attempts, leading to the blocking of 50-100 suspicious accounts monthly. The app centralizes communication to mitigate risks from fake emails and phishing. Mobile users now represent over half of the site's traffic, and the app offers functionalities such as account management, listing creation and editing, and push notifications. Sbazar.cz is the third most popular classifieds site in the Czech Republic, with 3.4 million visits in October, trailing Bazos.cz and Aukro.cz. Seznam also manages other platforms, including Sauto.cz and Sreality.cz.

AppWizard

October 9, 2025

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A sophisticated Android spyware campaign called ClayRat is targeting users in Russia through Telegram channels and deceptive phishing websites that mimic popular applications like WhatsApp and TikTok. Once activated, ClayRat can exfiltrate sensitive data such as SMS messages and call logs, access device information, take photos, and send messages or make calls from the victim's device. It propagates by sending malicious links to all contacts in the victim's phone book. Over the past 90 days, Zimperium has identified over 600 samples and 50 droppers of ClayRat, which uses advanced obfuscation techniques to evade detection. The malware redirects users to fraudulent websites leading to Telegram channels, where they are lured into downloading APK files. Some samples function as droppers, displaying counterfeit Play Store update screens while concealing the actual payload. Once installed, ClayRat communicates with its command-and-control infrastructure and can capture sensitive content, making infected devices automated distribution nodes. Additionally, a study by researchers from the University of Luxembourg and Université Cheikh Anta Diop found that pre-installed applications on budget Android smartphones sold in Africa operate with elevated privileges, with 9% disclosing sensitive data and 16% exposing critical components without safeguards.

AppWizard

October 3, 2025

New Android Spyware Targeting Users by Imitating Signal and ToTok Apps

ESET researchers have identified two Android spyware campaigns targeting users in the UAE, disguised as messaging applications Signal and ToTok. The first spyware family, Android/Spy.ProSpy, poses as upgrades for these apps, while the second, Android/Spy.ToSpy, specifically targets ToTok users. Both malware families were not found on official app stores and were distributed through phishing websites. The ProSpy campaign, active since 2024, uses deceptive sites to offer malicious APK files as enhancements. The ToSpy campaign, identified since mid-2022, targets ToTok backup files and has ongoing operations. Both spyware types collect extensive data, including contacts and SMS messages, and maintain persistent background operations. Google Play Protect offers some defense against these threats, and users are advised to avoid unofficial app installations.

AppWizard

October 2, 2025

Signal Messenger Impersonated in ‘ProSpy’ Android Spyware Campaign

ESET researchers have identified two Android spyware campaigns, ProSpy and ToSpy, which masquerade as secure messaging apps, Signal and ToTok. These malware families were first detected in June 2025 and are distributed through phishing websites and fake app marketplaces. ProSpy, which mimics a “Signal encryption plugin” or an enhanced ToTok, extracts sensitive user information, including SMS messages, contacts, and device metadata, after gaining permissions. It disguises itself as “Play Services” to avoid detection. ToSpy, discovered concurrently, seeks to capture specific files related to ToTok backups and collects various document types. Both malware types maintain long-term access to infected devices and have been reported to Google, resulting in Play Protect blocking their known variants. The main targets of these campaigns are users in the United Arab Emirates.