Skip to main content
  1. Home
  2. Computing
  3. News

Beware: Hackers are using a clever Microsoft Edge malvertising scam

By

If you’re still using Microsoft Edge, you need to beware — a new malvertising campaign has just been discovered, and if you fall victim to it, your PC might be at risk.

According to Malwarebytes, the attackers are abusing Microsoft Edge’s News Feed feature to target their victims. Here’s what we know about this clever new scam.

Screenshot of a Microsoft Edge scam attack.
Malwarebytes

Malvertising refers to incorporating malware into advertisements, which is exactly what’s happening in this latest Microsoft Edge scam. First spotted by Malwarebytes’ Threat Intelligence Team, the operation seems to have started at least two months ago, if not more. It’s hard to estimate how many people have fallen for the trick so far.

Recommended Videos

The scam campaign runs on a really large scale. The attackers supposedly switch between hundreds of different ondigitalocean.app subdomains per day and each one of those subdomains are used to host a scam website intended to scam unsuspecting Edge users.

Please enable Javascript to view this content

The threat actors inject attention-grabbing ads into the Microsoft Edge news feed. If a user is tempted to check out the article, their browser is then checked for a number of things, such as their location and their timezone.

It seems that not all users are deemed to be “worthwhile” enough to proceed with the scam. If the user’s browser does not match the attacker’s requirements, they’re redirected to a decoy page and nothing else happens. However, if the user ticks all the boxes, they are directed to a scam landing page.

Assuming that the user makes it to the scam landing page, what follows is a well-known pattern that has been used by many threat actors in the past. The landing page tells the user that the Windows Defender Security Center found a trojan virus and blocked the computer for security reasons. They are then given a (supposedly toll-free) phone number to dial in order to unlock their computer.

Malwarebytes didn’t specify what happens if one calls the listed phone number, but the way this scam usually goes is that the scammers obtain remote control of your computer and lock it down until they are paid. This often appears to be legitimate and is less of extortion and more of a “pay us for fixing this technical issue for you” kind of thing. Users may also be offered to sign up for a longer-lasting tech support contract.

The Microsoft Edge browser is open on a Surface Book 2 in tablet mode.
Image used with permission by copyright holder

Microsoft Edge is the default browser for Windows users, and much like its (now retired) older sibling Internet Explorer, it’s mostly used to download a different browser. Statcounter puts Edge’s market share at 4.3%, making it a small fish in a big pond largely dominated by the shark that is Google Chrome (65.52%). It sometimes trades blows with Mozilla Firefox, which currently sits at a 3.16% market share.

For the time being, if you’re using Microsoft Edge and want to avoid problems, it’s best to ignore the news feed altogether and simply visit a reputable news site directly to stay up to date.

Editors’ Recommendations

Topics
Monica J. White
Monica J. White
Computing Writer
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
Microsoft is making a major change to using your iPhone in Windows
The Dell XPS 13 on a table with the Start Menu open.

In a recent Windows Insider Blog post, Microsoft announced it's adding the option for iPhone users to access their phones from the Start menu. Thanks to a special widget next to the Start menu, when you connect your phone, you can see data such as notifications, battery indicators, recent contacts, connection status, and more.

To enjoy this feature, you must use the recent Windows 11 preview build from the Dev and Beta channels, and you must be a Windows Insider. You must also update the Phone Link app to version 1.24121.30.0 or higher, have a Microsoft account, and have a PC that supports Bluetooth LE. Microsoft said it does not support PCs running Pro Education or Education SKUs. Even if this doesn't affect you, the update is rolling out in phases, so reaching your PC might take some time if you don't already have it.

Read more
Microsoft Edge just got a secret weapon against scareware
Microsoft Defender and Edge Security settings are open on a PC monitor.

Microsoft announced its new scareware blocker at the 2024 Ignite conference a few months ago and now it's ready for users to try out. This preview is open to everyone who uses Edge; you just need to make sure you have previews enabled and that your browser is up to date.

Everyone knows about malware nowadays, which means people can get anxious very quickly if they have reason to think their PC has been infected. Scareware scams take advantage of this, using underhanded tactics to make users feel like they're not in control of their PCs and need to call the "tech support" number provided onscreen. The scammer then gains access to the computer by guiding the user over the phone.

Read more
It looks like Microsoft has yet another anti-Google trick up its sleeve
Microsoft Edge appears on a computer screen with plants and a window in the background.

Microsoft drew attention at the beginning of this month for showing rather misleading Google-style search bar when users searched for the rival engine on Bing. Now, it appears the company is targeting the Chrome browser as well. Spotted by Windows Latest, some users may see a big banner pushing Edge when they search for Chrome while using Microsoft's browser.

The real dodgy part, however, is the fact that this banner just happens to partially hide the Chrome download link behind a "See more" button.

Read more