Skip to main content

Beware: Hackers are using a clever Microsoft Edge malvertising scam

If you’re still using Microsoft Edge, you need to beware — a new malvertising campaign has just been discovered, and if you fall victim to it, your PC might be at risk.

According to Malwarebytes, the attackers are abusing Microsoft Edge’s News Feed feature to target their victims. Here’s what we know about this clever new scam.

Screenshot of a Microsoft Edge scam attack.
Malwarebytes

Malvertising refers to incorporating malware into advertisements, which is exactly what’s happening in this latest Microsoft Edge scam. First spotted by Malwarebytes’ Threat Intelligence Team, the operation seems to have started at least two months ago, if not more. It’s hard to estimate how many people have fallen for the trick so far.

The scam campaign runs on a really large scale. The attackers supposedly switch between hundreds of different ondigitalocean.app subdomains per day and each one of those subdomains are used to host a scam website intended to scam unsuspecting Edge users.

The threat actors inject attention-grabbing ads into the Microsoft Edge news feed. If a user is tempted to check out the article, their browser is then checked for a number of things, such as their location and their timezone.

It seems that not all users are deemed to be “worthwhile” enough to proceed with the scam. If the user’s browser does not match the attacker’s requirements, they’re redirected to a decoy page and nothing else happens. However, if the user ticks all the boxes, they are directed to a scam landing page.

Assuming that the user makes it to the scam landing page, what follows is a well-known pattern that has been used by many threat actors in the past. The landing page tells the user that the Windows Defender Security Center found a trojan virus and blocked the computer for security reasons. They are then given a (supposedly toll-free) phone number to dial in order to unlock their computer.

Malwarebytes didn’t specify what happens if one calls the listed phone number, but the way this scam usually goes is that the scammers obtain remote control of your computer and lock it down until they are paid. This often appears to be legitimate and is less of extortion and more of a “pay us for fixing this technical issue for you” kind of thing. Users may also be offered to sign up for a longer-lasting tech support contract.

The Microsoft Edge browser is open on a Surface Book 2 in tablet mode.
Image used with permission by copyright holder

Microsoft Edge is the default browser for Windows users, and much like its (now retired) older sibling Internet Explorer, it’s mostly used to download a different browser. Statcounter puts Edge’s market share at 4.3%, making it a small fish in a big pond largely dominated by the shark that is Google Chrome (65.52%). It sometimes trades blows with Mozilla Firefox, which currently sits at a 3.16% market share.

For the time being, if you’re using Microsoft Edge and want to avoid problems, it’s best to ignore the news feed altogether and simply visit a reputable news site directly to stay up to date.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more
Update your Chrome browser now to gain this critical security feature
Google Chrome icon in mac dock.

Yesterday, in a blog post on Google's security blog, Willian Harris from Chrome's Security Team said that Google is improving the security of Chrome cookies on Windows PCs by adopting a similar method used in macOS to help protect users from info-stealing malware.

The security update addresses session cookies that authenticate your identity when you switch apps without logging back in. Google wants to adopt the security system used by Keychain on macOS and start using "a new protection on Windows," which updates Data Protection API (DPAPI) and brings a new security tool called "application-bound" encryption.

Read more
Microsoft Copilot: how to use this powerful AI assistant
Man using Windows Copilot PC to work

In the rapidly evolving landscape of artificial intelligence, Microsoft's Copilot AI assistant is a powerful tool designed to streamline and enhance your professional productivity. Whether you're new to AI or a seasoned pro, this guide will help you through the essentials of Copilot, from understanding what it is and how to sign up, to mastering the art of effective prompts and creating stunning images.

Additionally, you'll learn how to manage your Copilot account to ensure a seamless and efficient user experience. Dive in to unlock the full potential of Microsoft's Copilot and transform the way you work.
What is Microsoft Copilot?
Copilot is Microsoft's flagship AI assistant, an advanced large language model. It's available on the web, through iOS, and Android mobile apps as well as capable of integrating with apps across the company's 365 app suite, including Word, Excel, PowerPoint, and Outlook. The AI launched in February 2023 as a replacement for the retired Cortana, Microsoft's previous digital assistant. It was initially branded as Bing Chat and offered as a built-in feature for Bing and the Edge browser. It was officially rebranded as Copilot in September 2023 and integrated into Windows 11 through a patch in December of that same year.

Read more