1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft Edge News Feed infiltrated by tech support scammers

    From TechnologyDaily@1337:1/100 to All on Fri Sep 16 21:45:03 2022
    Microsoft Edge News Feed infiltrated by tech support scammers

    Date:
    Fri, 16 Sep 2022 20:27:17 +0000

    Description:
    Unsuspecting Microsoft Edge users have been targeted by scammers with malicious domains.

    FULL STORY ======================================================================

    Scammers are planting malicious advertisements in the Microsoft Edge news feed, according to new research from antivirus and VPN provider Malwarebytes.

    In a blog post by its threat intelligence team, the company claims that the scheme, set up to direct victims to tech support scam pages, has been in motion for at least two months.

    This particular scam operation has been particularly effective because of Microsoft Edges news feed doubling as the web browsers homepage, increasing the chances that users may be lured by shocking or bizarre stories that have been placed there by attackers. Fake news in Microsoft Edge

    Once a user has clicked on a false news story, a script is run to decide if a user should be targeted by the scam. According to Malwarebytes, the script aims to filter out bots, VPNs, and geolocations that are not of interest, and that these machines are instead sent to a harmless decoy page.

    This scheme is meant to trick innocent users with fake browser locker pages, very well known and used by tech support scammers, wrote Malwarebytes, in reference to the scourge of malvertising , whereby threat actors serve up
    fake advertisements to users in order to compromise their devices.

    The scam operation relies on an ever-changing list of malicious domains
    served up by DigitalOceans cloud-based web hosting infrastructure, making the threat difficult to stamp out completely. Malwarebytes claimed that, over the course of 24 hours, over 200 different hostnames were being used to scam tech support pages.

    It also noted the considerable efforts to obscure identifying information (known as fingerprinting ) about servers and devices involved in the
    campaign.

    The company did, however, connect one of the collected domains, previously reported as suspicious , to Sumit Kalra, listed as a director for Mws
    Software Services Private Limited, a Delhi-based company working in Computer and related activities.

    It also linked Kalra to a number of other domains involved with this particular campaign, which Malwarebytes has said is one of the biggest we are seeing in terms of telemetry noise.

    TechRadar Pro has asked Kalra, Mws Software Services Private Limited, and Microsoft for comment. Default browsers and malvertising

    Microsoft Edge is the default web browser on Windows 10 and 11, making it a prime target for scammers looking to target the largest number of
    unsuspecting users who are less aware of what measures they can take to stay secure online.

    Users looking to protect themselves from fake tech support scams and other threat actors may wish to install one of the best free VPNs , consider an anonymous web browser , or simply change their Microsoft Edge homepage from the default news feed.

    They should also maintain a healthy skepticism when interacting with content from an unfamiliar or disreputable source. If a news story sounds too good to be true, thinking twice before clicking on it can go a long way. READ MORE

    Check out our picks for the best browsers with a built-in VPN


    Opera launches Pro tier for its built-in browser VPN


    You could soon control your VPN through Microsoft Edge

    Clicking on a fake advertisement can result in a device being infected with malware . But scammers sometimes just want users to believe theyve been infected, and follow through with what the page is requesting of them. This may be to call a certain phone number, or send money to an unknown actor -
    the latter being a form of ransomware .

    To stay safe, users should also be vigilant about the pages making these requests. Usually, its antivirus software, not a web browser, that reports on threats to a devices security. Here's a list of the best VPNs for PCs



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-edge-news-feed-infiltrated-by-tech-su pport-scammers/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)