Anyone who uses Chrome needs to be on high alert when surfing the web or checking their daily dose of emails. Security experts say they have discovered a nasty hidden threat that is luring browser users into downloading malware via fake updates. According to the team at Proofpoint, there’s been a dramatic increase in cyber crooks using this method to spread data-stealing viruses across the globe and it’s not hard to see why people are being caught out.
What makes this threat scary is how real the bogus Chrome updates appear with an official-looking web page popping up that tells users they need to update immediately if they want to continue viewing content. Everything about the upgrade seems real with logos and fonts designed to mimic Google’s exact and official pages. YOU CAN SEE EXAMPLES BELOW
To the untrained eye, it appears nothing sinister is going on but once the update button is ticked the users don’t download a legitimate browser update but rather harmful malware.
It’s not just Chrome that’s being targeted with Proofpoint saying it has also spotted similar fake updates for Firefox and Edge.
There’s a total of four different attacks taking place at the moment with each just as harmful as the other. These include bugs such as TA569, SocGholish and RogueRaticate which are all capable of stealing personal data.
How to update Google Chrome on your computer
We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
“Proofpoint has observed an increase in threat activity using fake browser updates to deliver a variety of malware including payloads,” Proofpoint explained. “SocGholish and TA569 have demonstrated that compromising vulnerable websites to display fake browser updates works as a viable method for malware delivery, and new actors have learned from TA569 and started to adopt the lure in their own ways.”
If you are browsing the web and a sudden browser alert pops up on the screen you should ignore it and shut the window.
Most browsers will update automatically and you can always check if an official update has been released by heading to the settings menu.
Clicking on these fake update pages won’t give you a shiny new browser – instead, you’re likely to get a PC full of malware.
If you think you may have already tapped on an unofficial link it would be wise to check for viruses, change any passwords and keep an eye on your bank account.
Source: Read Full Article