In Microsoft Edge’s news feed, where ads are mixed with topical news, malicious “malvertising” ads that redirect users to harmful pages were found to have been used for more than two months.
Malvertising on Microsoft Edge’s News Feed is pushing tech support scams
https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam
Microsoft Edge’s News Feed ads were misused for tech support scams
https://www.bleepingcomputer.com/news/security/microsoft-edge-s-news-feed-ads-abused-for-tech-support-scams/
This was reported by the threat intelligence team of security firm MalwareBytes, who said the attack had been confirmed for two months and was one of the largest campaigns at the time of confirmation.
When a user clicks on a harmful ad that is used, a request is sent via API to the Taboola Ad Network to approve the flag click. The server then responds with a request to load the rogue site.
When I load this scam site, on the first tryBase64 encoded JavaScriptis ensured. JavaScript is used to determine if a user is a potential target, deliver malicious redirects to targets, and to bots, VPN users, and non-geo-targeted users. Instead, it redirects to a fake “innocuous tech support page that tells you your PC is having a problem”.
The technical support page has a phone number for troubleshooting, and if you make a phone call, it appears that your PC will be locked or you will be told to purchase a support license.
In addition, Microsoft, which received the report, worked with the advertising provider to remove the malicious ad and block the advertiser from the network.
Copy the title and URL of this article
