Categories: CyberCrimeSecurity

Scammers Target Microsoft Edge Users Via News Feed

Security experts have warned of an ongoing scam targeting users of Microsoft’s Edge via advertisements inserted into the browser’s news feed.

The malicious ads lure users in with shocking or bizarre stories, after which they are directed to tech support scam pages, said computer security firm Malwarebytes.

Tech support scams typically attempt to convince users there is a security problem on their device and to pay for expensive services to remediate it, usually through means that make it difficult for them to get their money back, such as gift cards.

Such scammers may also trick users into installing software that gives them access to all information stored on it and any network connected to it.

Image credit: Malwarebytes

Browser locker

Edge… is the default browser on the Microsoft Windows platform and as such some segments of its user base are of particular interest to fraudsters,” Malwarebytes said.

The firm said the scam had been going for at least two months.

It serves malicious ads over the Taboola ad network and those who click on an ad are initially sent a Base64 encoded JavaScript designed to filter out bots, VPNs and geolocations that are not of interest to the scammers.

Those the scammers aren’t interested in are sent to a harmless decoy page related to the ad.

Potential targets are directed to a browser locker page, a type of scam that prevents the user from leaving the current tab, which displays intimidating messages.

Image credit: Malwarebytes

Cloud infrastructure

In this case the scam page tells the user their system has been locked and tries to get them to call a US toll-free number that pretends to be a Microsoft technical support line, a typical tactic.

The scheme is notable for the cloud infrastructure it leverages, which makes the scam very difficult to block, Malwarebytes said.

Within a span of 24 hours the firm saw the scammers using more than 200 different hostnames on ondigitalocean.app.

“This particular campaign is currently one of the biggest we are seeing in terms of telemetry noise,” Malwarebytes said in an advisory.

Microsoft did not immediately respond to a request for comment.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

3 mins ago

Nvidia Asked SK Hynix To Advance Next-Gen AI Memory Production

SK Hynix says Nvidia chief executive Jensen Huang asked if production of next-gen HBM4 memory…

32 mins ago

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

21 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

22 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

22 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

23 hours ago