vissha Posted December 12, 2016 Share Posted December 12, 2016 Scammers Can Use Microsoft Edge Security Feature to Display Fake Warnings Security researcher finds way to abuse SmartScreen Quote SmartScreen is one of the security features that Microsoft is offering in Edge browser to warn of websites that are flagged as dangerous for users’ computers, but a security researcher has discovered that cybercriminals can abuse this feature to deliver false warnings. Manuel Caballero explains in a blog post that Microsoft Edge has a vulnerability that allows ms-appx: and ms-appx-web: commands to generate fake alerts very similar to the one issued by SmartScreen and which could be used in more complex schemes. For example, the attackers can use these warnings to convince unsuspecting victims to call a phone number, where phone scammers would attempt to steal users’ information. “As a bonus, when we place a telephone-like number, a link is automatically created so the user can call us with a single click. Very convenient for these scammers,” the researcher notes. Microsoft’s SmartScreen SmartScreen is a feature that’s available in both Microsoft Edge and Internet Explorer, but this bug has been demonstrated only in the default Windows 10 browser. In essence, SmartScreen is a super helpful feature that keeps users protected from websites that could be used to spread malware. “SmartScreen checks the sites you visit against a dynamic list of reported phishing sites and malicious software sites. If it finds a match, SmartScreen will show you a warning letting you know that the site has been blocked for your safety,” Microsoft explains. Microsoft is working hard to improve browser security in Edge, so it goes without saying that this is going to be fixed for sure in the coming updates. Edge receives updates on a regular basis and large OS updates, such as the upcoming Creators Update, bring a plethora of improvements for the browser, including features and fixes that are specifically supposed to make the app faster, more reliable and secure. Source Dear $h*t MS & Sh*tya Nudella, Don't ever tell Win 10 is secure than older or other OS'. Link to comment Share on other sites More sharing options...
davendranath Posted December 12, 2016 Share Posted December 12, 2016 Scammers are using Microsoft Edge Security Feature to Display Fake Warnings.One fake warning I recieved and message was that some porn site is stealing your credit card and other informations kindly contact a specified number free of charge.The same informaion was simaltaneously being displayed through speaker.I downloded mbam and deleted all suspected filed and therafter no such information.I forgot the tol free number. Link to comment Share on other sites More sharing options...
steven36 Posted December 12, 2016 Share Posted December 12, 2016 4 hours ago, davendranath said: message was that some porn site is stealing your credit card What's new back in the late 90s early 2000s Porn hijackers was famous for using IE to plant malware to hijack dailup and call 1-900 numbers and jack you're phone bill sky high. this was some of the 1st malware ever made. You could always tell peoples surfing habits back then if when you turned there pc on and got porn pop ups every 2 secs . A refurbished IE and new ways of doing it but still not very much has changed in the last 17 years .Ive not used browser by Microsoft since 2006 . And if you're dumb enough to give a scam site you're info to began with it's no ones fault but you're own .I used IE from 2001-2006 i did banking , paypal and all that on it and I never got hacked because i used comman sense and also I scanned my pc for spyware . but I know some who did get hacked back then. you think things are bad now back then almost all freeware would infect you with spyware and take control of you're PC . Things are much better ive not even had no problem with malware since i stop using x86 and XP at all. Before XP sp 2 it took about 20 min to get infected because Microsoft didn't have a good firewall back then http://www.theregister.co.uk/2004/08/19/infected_in20_minutes/ The only way to avoid this was when you reformatted was to install a 3rd party firewall before you got online..I used Sygate Personal Firewall back then. Antivirus could detect a virus but could not remove them so you just ended up reformatting . And they didn't detect spyware/adware you had use another scanner for it and Microsoft didn't have a Antivirus back then they bought out a company latter on and called it Windows defender . Today most things can be avoided by using conman sense back then if you did not know much about PCs you got infected because Windows was a security risk as soon as you installed it. After I found Kaspersky 5 witch could prevent a virus to began with i stooped having much problems but always x86 XP was prone to infections . Now its not had a update in over 2 years it's a zombie Os but it's no worse than all these IOT devices infected with botnets because they never get updates ether.. Back then all malware /Virus was for windows now days malware is spreed out over many Os and devices . If everyone switched from windows to something else they would just follow you to what ever everyone uses. Link to comment Share on other sites More sharing options...
pc71520 Posted December 13, 2016 Share Posted December 13, 2016 SmartScreen has not been that smart... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.