Microsoft seems to be doing a lot to improve the security on Windows 11. The company has also been adding security features like "Enhanced Security" to its Edge browser that is getting more popular according to the latest data. For the unwary out there though, scammers and similar other threat actors and miscreants are lying and waiting.
Anti-malware solutions maker Malwarebytes has recently uncovered such a campaign which is serving tech support scams via malicious ads in Microsoft Edge's "My Feed" section. The image above is that of a screenshot of a malvertising campaign where a fake browser locker page is displayed to dupe potential victims.
The image below shows steps explaining how the campaign works. The adware is smart in the way it operates as Malwarebytes has found that the malicious ad banner redirects only potential targets to the tech support scam page. Meanwhile bots, VPNs and geo-locations are shown the actual ad page powered by the Taboola ad network. The firm notes that the differentiation is made with a help of a base64-encoded JavaScript string.
In the span of just 24 hours, Malwarebytes managed to collect over 200 different hostnames. Somewhat unsurprisingly perhaps, one of the associated domains is linked to an individual who appears to be the director of a software company operating in Delhi, India. You can find more details about this malvertising campaign on Malwarebytes' blog post about the topic.
While this may come as a bit of surprise to many of our readers, recent FBI data found the amount of monetary loss from such scams had more than doubled in 2021 since 2020. The jump was even bigger in 2019-2020 where many were confined at home due to COVID-19 restrictions.
31 Comments - Add comment