You can find 'malvertising' that leads to harmful sites in Microsoft Edge's news feed

In the news feed of Microsoft Edge, where ads are mixed in with topical news, it was found that malicious advertisements `` malvertising '' that redirect users to harmful pages have been deployed for more than two months.

Malvertising on Microsoft Edge's News Feed pushes tech support scams

Microsoft Edge's News Feed ads abused for tech support scams

This was reported by the threat intelligence team of security company MalwareBytes, who said the attack had been confirmed for two months and was one of the largest campaigns at the time of confirmation.

When a user clicks on a deployed harmful ad, a request is sent via API to the Taboola Ad Network to approve the banner click. The server then responds with a request to load the fraudulent site.

When you load this scam site, you get Base64-encoded JavaScript on the first request. JavaScript is used to determine if a user is a potential target, present malicious redirects to targets, and to bots, VPN users, and users who are not geographically targeted. Instead, it redirects to a harmless “fake tech support page telling you that your PC is having a problem”.

The technical support page has a phone number for problem solving, and if you make a phone call, it seems that your PC will be locked or you will be told to purchase a support license.

In addition, Microsoft, which received the report, worked with the advertising provider to remove the malicious advertisement and block the advertiser from the network.

in Security, Posted by logc_nt