Fake Chrome extension pushes tech support scam

Security News

Malvertising campaigns are widely used to infect users with serious malware, such as ransomware or banking details-stealing Trojans but a security specialist working for Malwarebytes has uncovered that one malvertising campaign was used to redirects users to a web page that forced them to install a rogue Google Chrome extension.

Fake Chrome extension pushes tech support scam

If you were redirected to that site, you would get a pop-up saying you need to add an extension to leave the page. Users have no choice but to click OK and permit the installation.

Once the extension is installed, it may be difficult to get rid of it. The Malwarebytes security expert has explained in a blog post on the site that the add-on will not allow you to access chrome://extensions where you can delete extensions. If you try to access it, you will be redirected to chrome://apps. Since you cannot remove the extension this way, you would need to use professional removal software to get rid of it or remove it from the Chrome installation folder.

Fake Chrome extension

If you allow this extension to stay on your computer, you may be redirected to tech-support scams. It will check for certain keywords in the URL and cause redirects to various scams. Malwarebytes reports that if a browser, infected with this rogue extension, tries to access the Malwarebytes web page, it will be redirected to potentially unwanted programs (PUP), get-rich-quick or other kinds of scams.

There may be several keywords that would cause redirects to a Microsoft tech-support scam, which will claim that your browser is infected and that you should call the provided number to solve the issue. These kinds of scams are not uncommon and many users still fall for them. If you were to call the number, the people behind this scam would most likely try to sell you some kind of overpriced useless software or/and attempt to get remote access to your computer. Microsoft would never give you these kinds of warning and it is important to remember that when encountering these kind of scams.

Google has since removed this extension from the store but if you think you are infected, obtain professional removal software and get rid of it.

Site Disclaimer

2-remove-virus.com is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.

The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.

Leave a Reply