Microsoft Edge Users Beware: Tech Support Scam via Newsfeed

Microsoft’s Edge Browser is built off of Chrome is the default (and if S Mode is enabled only) browser for Windows 10 and 11. Some users are being feed fake stories in their Microsoft Edge Newsfeed which when clicked-on can bring up a fake Microsoft Defender Security Center landing page with a toll-free number to call Microsoft. Alternatively, clicking the ‘ad’ may bring the user to a decoy page. This is yet another variation of the ever evolving and popular Tech Support Scams. These fake ads/stories have a catchy headline and picture such as ‘Man Finds a Hidden Cave Inside His Property’.  The one thing to pay attention to before clicking the tile is look to the bottom left corner of the tile and see if the word ‘Ad’ with a box around it is displayed. If this the case then it is fake story disguised as an Ad to lure you into a Tech Support Scam trap.

An ongoing malvertising campaign is injecting ads in the Microsoft Edge News Feed to redirect potential victims to websites pushing tech support scams.

This scam operation has been running for at least two months, according to Malwarebytes’ Threat Intelligence Team, who said this is one of the most extensive campaigns at the moment based on the amount of telemetry noise it generates.

Tech Support Scam Browser Locker Pop-up

Tech support scam landing page (Malwarebytes)

The above ‘browser locker’ screen is quite busy. There is dimmed out (and fake) Blue Screen of Death (BSOD) in the background, the blue block of text that is visible includes the text “Your PC has alerted us it has been infected with a Trojan Spyware”. Plus there is a (Toll-Free) number to call “Microsoft Support”.  I am sure if you click the ‘X’ to try to close the pop-up it is just going to reappear and perhaps they have made it so you can not click the ‘X’ in the Microsoft Edge title bar to close the browser. Users may be able to

Here are a couple giveaways this browser pop-up is fake and a scam:

  1. Microsoft Edge (or any other browser) is not going to display a BSOD. Only the Windows operating system itself will display a BSOD and there is not going to be any pop-ups or windows in foreground.
  2. While some anonymous telemetry data (unless the user has opted out) is sent to Microsoft. your PC is not “phoning home” to Microsoft to let them know it is infected.
  3. A genuine Microsoft Windows Defender Security Center alert is not going to have a phone number to call Microsoft.
  4. There is no such thing as Microsoft Security app. Windows Security yes, but no Microsoft Security.

If you accidentally trip the trap. DO NOT panic! DO NOT call the phone number! DO NOT click on anything! Close Edge via ALT+F4 or force close via Task Manager (CTRL+ALT+DELETE) then selecting Microsoft Edge then clicking End task.

via BleepingComputer