.png?width=220&height=44&name=Nuc-logo-sketched-1%20(1).png "Nuc-logo-sketched-1 (1)"){kind=logo}
Security experts are warning professionals to be aware of fake browser updates. Cybersecurity researchers at Proofpoint have observed four different threat clusters - including SocGholish, RogueRaticate, SmartApeSG and ClearFake - using separate campaigns to deliver fake browser update lures. In this blog post, we’ll outline the characteristics of the fake browser update and explain why user vigilance is so important.
Fake browser updates refer to compromised websites that display a notification from the browser, such as Chrome, Firefox, or Edge, informing the user that their browser software needs to be updated.
When they click on the link, they do not download a legitimate browser update but rather malware, masking malicious payloads that is automatically downloaded.
In the world of malware, the term payload is used to describe what a virus, worm or Trojan is designed to do on a victim’s computer. -Kaspersky
Why are We Falling for this Trick?
This threat abuses our trust because many of us have been educated on one simple security best practice - keeping your operating system and software up-to-date, including your web browser is important for good security health. And, because we regularly use our browsers, updates that appear to be from Chrome, Edge etc. are trusted and appear legitimate.
In May 2011, Krebs’s On Security, published Three Rules for Online Safety, of which Rule #1 was, “If you didn’t go looking for it, don’t install it.”
This rule is still relevant today! Never install any update, you didn’t prompt yourself. Any requirement to go to a site or download a browser update should be first confirmed with IT support for validity if in doubt before proceeding. Windows Edge updates are done through Windows updates and Chrome is done right from within the browser. Find the instructions to update Chrome here.
How to Avoid the Fake Browser Threat?
Cybersecurity requires a multi-layered approach that involves ongoing education and technology investment. Here’s a few ways you can protect yourself and/or business:
- Security Awareness Training: Ongoing, up-to-date training is essential to stay informed and protected from all the latest threats
- Next Generation Antivirus and an Endpoint Detection and Response tool on all servers and workstations
- Updates: Are important just not fake ones!
If you’re not confident in your businesses’ ability to defend against this threat or others, we highly recommend that you reach out to a Managed Service Provider (MSP). A MSP can provide you with Security Awareness Training, as well as a Cybersecurity Assessment that will ensure that your business is aware of your security vulnerabilities and that you have a clear plan in place to improve your security posture. Want to learn how we can help protect your organization? Connect with us.
