- Microsoft unveils new scam detection software
- The tool will be available to Microsoft Edge users
- This could lead to an end to ‘tech support scams’ if widely adopted
Microsoft has officially launched a new ‘Scareware blocker’ feature to help better protect users on Edge web browsers on Windows PCs.
The new machine learning threat detection software, first announced at the 2024 Ignite conference, recognizes the signs of scareware to protect users in real-time, putting users back in control of their computer.
Scareware scams have been around for a long time, and they’ve become one of the most damaging scams around – but what if they weren’t? This new technology could see the end to tech support scams entirely – here’s what we know.
Millions lost every year
The FBI claims tech support scams are costing victims millions per year, and it has become a pretty high profile attack. The basic setup of the attack is cybercriminals will deploy pop ups or ads which trick users into believing their device has been infected with malware, usually filling their screen with big scary banners or alerts.
Essentially, the scam works by panicking users with a banner claiming they have been compromised by a virus or attack, and prompts them to reach out to ‘tech support’. From there, fake support agents will request and steal personal and financial information from unsuspecting users who believe they’ve been compromised.
Most of us are aware of this scam, and are confident enough to ignore these when they do pop-up, but the primary target for these attacks is older adults and those who aren’t savvy enough to spot the warning signs.
But with this new ‘scareware blocker’ might make us all a little safer. The AI-powered detection checks on new and unfamiliar sites, “where abuse is more likely to hide”, and uses a SmartScreen to protect users worldwide within minutes once an abusive site is detected.
The model compares screens to sample scams provided by the security community – and this runs locally, without needing to save or send images to the cloud.
When an attack is detected, Edge will ‘put users back in control’ by exiting full screen mode, as well as stopping “aggressive audio playback”, and providing a warning to the user with a thumbnail of the suspicious page.
From there, the user has the option to report the malicious site to help protect others, and they can even share the screenshot of the scam with Microsoft to help train the model further.
If the alert is a false alarm, users can report the mistake from the scareware blocker.
“While we recognize that the scareware blocker may not catch every scam—especially as tactics evolve—we are committed to empowering users with solutions while we improve our defenses,” Windows confirmed in its statement.
This tool is something even Chrome has employed, and it’s available when any Edge user updates their browser to the newest version and restarts. You can check if this is installed under the ‘Privacy Search and Services’ label.
Protecting yourself
If you’re not a Microsoft Edge user, or you’d just like to make sure you’re as safe as possible, here are a few tips to protect yourself.
The most important step is being aware of the scam. Once you know the playbook, you’ll be much less panicked if you encounter it. Always try to keep calm, and don’t be rushed into providing your information to an attacker.
If a warning takes over your screen, you can always press and hold the ‘Esc’ key to escape it, which should ease the anxiety a little. Criminals’ most effective tool is pressuring you to act quickly and without thinking, so if you can resist this, you’ll be much better placed to avoid any scams.
Don’t click on any suspicious links or pop-ups. Much like phishing scams, these are designed to take your information, which can lead to even bigger issues like identity theft.
Similarly, don’t contact any phone numbers or emails shown in a pop-up – if you think there’s a real issue, search the contact information separately and contact through official channels. Be particularly careful not to give away access to your accounts, and always remember that legitimate tech firms are incredibly unlikely to ever request money wired through foreign accounts, gift cards, or crypto currency.
A crucial part of this scam is the pop-up ad, so the best ad blockers will keep you safe from these – and a big bonus is that many of them are free!
Similarly, If you have the best antivirus software already installed on your device, you can be confident that your device is safe – so are much less likely to be panicked into falling victim to this scam.
“If you have a reputable antivirus installed, simply ignore any pop ups urging you to install security fixes,” said Pierre Noel, Field CISO EMEA at Expel.
“If not, disregard these messages, research the top antivirus solution, and install a trusted one. If you receive an unexpected tech support call, say you’re busy and ask for their name and department- chances are, they’ll hang up.”
You might also like
https://cdn.mos.cms.futurecdn.net/7Vczav8AQoqH6XSmxvG2vS-1200-80.jpg
Source link
