NCC-CSIRT Issues User Advisory on Internet Security Component and News Feed Personalization in Microsoft Edge Browser

The Nigerian Communications Commission Computer Security Incident Response Team (NCC-CSIRT) has issued a notice to users to install reliable and up-to-date anti-virus software with an internet security component and to customize the wire news in the Microsoft Edge browser.

This is part of the countermeasures to reduce the chances of falling into the trap of a malicious attack discovered in the browser.

The NCC-CSIRT further advised browser users to practice safe Internet browsing habits and refrain from clicking on links they are unsure of in the face of the malicious attack whose likelihood and potential damage to systems were rated high.

The notice stated that the malicious ad campaign, discovered on the Microsoft Edge browser newsfeed, redirects victims to scam tech support websites and cybercriminals have resorted to posting stories or advertisements weird and eye-catching on the Edge newsfeed to entice users to click. on them.

Malicious ads look legitimate but contain malware and/or other threats.

According to the review, “Microsoft Edge News Feed is the default page that appears when a new tab is opened, and it displays information such as news, ads, weather, and traffic updates. .

“Here are the steps that lead to being redirected to a fake tech support page:

User clicks on a story or ad, Edge browser setting is analyzed for various metrics;

Based on the aforementioned metrics and past results, if the user is seen as a bot or in a place they are not interested in, the user is redirected to a harmless dummy page that is relevant to the story or the advertisement on which he initially clicked;

However, if the user is deemed as a potential victim, then they are redirected to a tech support scam website for further exploitation. The notice explained.

Victims of the tech support website scam might have their personally identifiable information (PII) and other data collected or they might be with malware.

The NCC therefore urges telecommunications consumers and other ecosystem stakeholders to install up-to-date anti-virus software and be alert to the tricks of cybercriminals so as not to fall victim to cyber scams.

The Computer Security Incident Response Team (CSIRT) is the telecommunications sector’s cybersecurity incident center set up by the NCC to focus on incidents in the telecommunications sector and as they may affect consumers telecommunications and citizens in general.

The CSIRT also works in conjunction with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting and securing Nigerian cyberspace to prevent attacks and related issues or events.

Don’t miss the important articles of the week. Subscribe to weekly digest for updates.