Windows 10 default browser is Microsoft Edge, which is fast, reliable and much more secure than Internet Explorer. Microsoft security researchers have found that how hackers are using Edge to manipulate fake red security alerts that are similar to original Microsoft Edge Malware Warning.
Many Microsoft Edge users are aware of the scam message that pops up on their screens, telling them that their device may be at risk, and telling them to call special number for technical support. As we all know that these warnings are simply scam and the number given in warning will not direct you to real Microsoft support engineer but to the scammers, and this call will end up in pointless and expensive billing or granting hackers access to your devices.
SmartScreen filter is one of the security features of Microsoft Edge. Red color, which is also known as Microsoft Edge protection alert warning is displayed every time a user visits unsafe website, which may contain malicious content such as malicious scripts, suspicious downloads or reports of the website being unsafe.
Manuel Caballero, a researcher from Buenos Aires, Argentine, has shown that how hackers can hijack SmartScreen warning displayed by Microsoft Edge for malicious purpose by carefully crafting of the URL. Hackers force a user to call a phone number given in message by displaying a legitimate-looking warning, from there they can even steal some most private information.
And for user’s convenience, an automatic link is created in telephone-like number so that user can call with a single click.
There is no immediate danger by this threat. As Carabello confirmed it is possible to manipulate the message and there is a flaw in Edge browser. Since it was verified how the message can be manipulated, hackers and malware programmers are happy and working on how to take advantage of this flaw in Microsoft Edge browser. Since Edge is gaining fame as a browser, they are not going to sit quietly and allow this opportunity to pass over.
Meanwhile what users can do to avoid being a victim?
- Never call a number, which is included in red alert from SmartScreen filter
- If you think of disabling SmartScreen filter then it is not recommended as it helps in keeping your device safe from malicious websites
Protect your friends, family, and colleagues from spreading awareness about Microsoft Edge malware message.