Categories: CyberCrimeSecurity

Scammers Target Microsoft Edge Users Via News Feed

Security experts have warned of an ongoing scam targeting users of Microsoft’s Edge via advertisements inserted into the browser’s news feed.

The malicious ads lure users in with shocking or bizarre stories, after which they are directed to tech support scam pages, said computer security firm Malwarebytes.

Tech support scams typically attempt to convince users there is a security problem on their device and to pay for expensive services to remediate it, usually through means that make it difficult for them to get their money back, such as gift cards.

Such scammers may also trick users into installing software that gives them access to all information stored on it and any network connected to it.

Image credit: Malwarebytes

Browser locker

Edge… is the default browser on the Microsoft Windows platform and as such some segments of its user base are of particular interest to fraudsters,” Malwarebytes said.

The firm said the scam had been going for at least two months.

It serves malicious ads over the Taboola ad network and those who click on an ad are initially sent a Base64 encoded JavaScript designed to filter out bots, VPNs and geolocations that are not of interest to the scammers.

Those the scammers aren’t interested in are sent to a harmless decoy page related to the ad.

Potential targets are directed to a browser locker page, a type of scam that prevents the user from leaving the current tab, which displays intimidating messages.

Image credit: Malwarebytes

Cloud infrastructure

In this case the scam page tells the user their system has been locked and tries to get them to call a US toll-free number that pretends to be a Microsoft technical support line, a typical tactic.

The scheme is notable for the cloud infrastructure it leverages, which makes the scam very difficult to block, Malwarebytes said.

Within a span of 24 hours the firm saw the scammers using more than 200 different hostnames on ondigitalocean.app.

“This particular campaign is currently one of the biggest we are seeing in terms of telemetry noise,” Malwarebytes said in an advisory.

Microsoft did not immediately respond to a request for comment.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

5 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

7 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

7 hours ago