In our efforts to keep you up to date with the latest malware scams and help keep you safe when you are online, we have reported on some rather ingenious ways that scammers and malicious actors have been trying to infect your devices. This includes a scam hidden inside a fake job offer that ended up costing a company over $620 million. Today we bring you news of another scam that malicious actors have been trying to push through the Microsoft Edge News Feed. Here is what you need to know.
Cybersecurity researchers at Malwarebytes have published a report explaining how a new “malvetising” campaign has been targeting Edge users via the browsers News Feed. The Feed shows up on Edge as a series of thumbnails that link to news articles, various advertisements, traffic updates, etc. The report shows that scammers have been hiding the malware in various ads and attempting to redirect users to scam tech support offers.
What is scary about this scam is that the Microsoft Edge News Feed is automatically set as the browser’s homepage meaning that if you are an Edge user and you haven’t manually set your homepage it will be your Microsoft Edge homepage too. The scams use bizarre and clickbait-like titles to try and draw users in to clicking on them.
Once clicked, the rather sophisticated scam scans the user to make sure they are suitable for targeting and then either sends them to the fake tech support page or sends them to a decoy page. According to Malwarebytes this “fingerprinting” script is more advanced than normal scams, which is why they published the report explain how it works:
“The goal of this script is to only show the malicious redirection to potential victims, ignoring bots, VPNs and geolocations that are not of interest that are instead shown a harmless page related to the advert.”
This scam just goes to show that even though you may take things such as your browser’s homepage for granted and not really give it too much thought, scammers are constantly looking for novel ways to catch you off guard. Always try to remain vigilant and always try to take a second to consider anything that may look strange or if it shouldn’t be there.
In other recent cybersecurity news, hackers have been targeting hotels and travel companies using fake reservations.