The old new threat is circling around tricking users into downloading and installing an info stealer as a fake Google Chrome browser update. These fake updates often look real and can lead to serious security breaches. The infostealer is a type of malware that allows attackers to remotely access and control the victim's computer and steal sensitive information like passwords and credit cards.
The scam starts when a user visits a compromised website that secretly redirects them to a fake update page. If the user downloads and opens the file, harmful software is installed on their computer.
Key takeaways:
- Stay Vigilant: If you encounter an update prompt while browsing, maintain a healthy dose of skepticism. Genuine updates are typically delivered by the browser, not random web pages.
- Check the Source: Always check the source of the prompt. If it's not from a trusted site, it's best to avoid it.
- Use Antivirus Software: Good antivirus software can detect and block many types of malware. Keep your antivirus software updated for the best protection.
- Maintain browser hygiene: All browsers are updated with the operating system (Edge with Windows, Safari with MacOS, Chrome with ChromeOS) or set to auto-update by default. It is rare-to-never you have to download and install the browser manually. One of the use cases may be a major version upgrade, especially if you are one or two versions behind. Regardless, your first stop would be a browser vendor website if that is ever the case.
Remember, it's a wild web out there. Stay informed, stay skeptical, and be safe.
#ALTACyber
------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------