Categories: CyberCrimeSecurity

Scammers Target Microsoft Edge Users Via News Feed

Security experts have warned of an ongoing scam targeting users of Microsoft’s Edge via advertisements inserted into the browser’s news feed.

The malicious ads lure users in with shocking or bizarre stories, after which they are directed to tech support scam pages, said computer security firm Malwarebytes.

Tech support scams typically attempt to convince users there is a security problem on their device and to pay for expensive services to remediate it, usually through means that make it difficult for them to get their money back, such as gift cards.

Such scammers may also trick users into installing software that gives them access to all information stored on it and any network connected to it.

Image credit: Malwarebytes

Browser locker

Edge… is the default browser on the Microsoft Windows platform and as such some segments of its user base are of particular interest to fraudsters,” Malwarebytes said.

The firm said the scam had been going for at least two months.

It serves malicious ads over the Taboola ad network and those who click on an ad are initially sent a Base64 encoded JavaScript designed to filter out bots, VPNs and geolocations that are not of interest to the scammers.

Those the scammers aren’t interested in are sent to a harmless decoy page related to the ad.

Potential targets are directed to a browser locker page, a type of scam that prevents the user from leaving the current tab, which displays intimidating messages.

Image credit: Malwarebytes

Cloud infrastructure

In this case the scam page tells the user their system has been locked and tries to get them to call a US toll-free number that pretends to be a Microsoft technical support line, a typical tactic.

The scheme is notable for the cloud infrastructure it leverages, which makes the scam very difficult to block, Malwarebytes said.

Within a span of 24 hours the firm saw the scammers using more than 200 different hostnames on ondigitalocean.app.

“This particular campaign is currently one of the biggest we are seeing in terms of telemetry noise,” Malwarebytes said in an advisory.

Microsoft did not immediately respond to a request for comment.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Elon Musk Appeals To Advertisers, Backtracks Over Notorious Outburst

Wooing advertisers back? Elon Musk says his remark telling advertisers to “go f--- yourself” did…

12 hours ago

US Urges Netherlands, Japan To Increase Chip Kit Restrictions For China

American official heads to Japan after Dutch meeting, as US seeks to increase restrictions on…

13 hours ago

UK Investigates HPE’s $14bn Acquisition Of Juniper Networks

UK competition regulator begins investigation into the multi billion dollar acquisition of Juniper Networks by…

14 hours ago

Fisker Files For Chapter 11 Bankruptcy

EV maker Fisker files for bankruptcy protection in the US – the second EV venture…

15 hours ago

Nvidia Overtakes Microsoft As Most Valuable Tech Firm

Nvidia dethrones Microsoft as world's most valuable tech firm, in ongoing market capitalisation battle of…

19 hours ago

Apple Drops ‘Buy Now, Pay Later’ Service

Apple sunsets its buy now, pay later service known as 'Apple Pay Later', and will…

19 hours ago