Edge 'Update' Is Ransomware Scam

Scammers are tricking Microsoft Edge users with a bogus software update. It's something of a backhanded compliment to the browser finding an audience.

Security company Malwarebytes says it worked with the independent research team "nao_sec" to identify the scam. At the moment it appears to be specifically targeting users in South Korea with ransomware, though the tactic could easily be adapted. (Source: techradar.com)

According to the researchers, the scam begins with a malicious ad, usually posted on a page with a lot of advertising. That's likely to make it harder to identify the culprit.

The ad then redirects the user to a website that checks the IP address to find the user's location, along with the details of the browser they are running. That's always available to websites so that they know whether to adjust any code to fit the browser's quirks.

'Update' Installs Malware

If the details match the scammer's targets (eg Edge users in South Korea) it redirects them to another page that appears to be a Microsoft message saying the browser needs an update. If the user falls for the scam, they'll actually download and install a malicious application.

In turn, that malicious applications downloads ransomware that encrypts files and demands a payment to unlock them.

It's key to note the bogus update scam isn't taking advantage of any problem with Edge itself. Malwarebytes notes the irony that this particular tactic is most likely to work against people whose browsers are genuinely up to date. Outdated browsers without the latest security patches are more likely to be hit by attacks that try to exploit a security flaw rather than misleading a human victim.

How To Check For Legit Updates

As a general rule it's safest to ignore most messages that claim a browser is up to date and offer a link to a supposed update, particularly when the message appears as a web page.

The best option is to make sure automatic updates are switched on in a browser. Users who are uncertain if Edge is really up to date can select the "Settings and more" option in the browser's own menus, then "Settings" and finally "About Microsoft Edge." This will show if an update is needed and, if so, include a direct button to start the process. (Source: ampproject.org)

What's Your Opinion?

Have you encountered this scam? Do you think you or people you know might fall for it? How do you handle updates to your browser?