We're all taught about staying safe online, but sometimes, that's easier said than done. Now, Google Chrome users are being warned about a fake URL scam that could potentially leave their computers, personal information, and financials open to hackers.
Google Chrome has dominated the browser scene since its inception in 2008, with it said to have up to a 70% share of the market. Some three billion users regularly boot up Google's browser, and in the aftermath of this scam going viral, the FBI has been forced to step in.
The FBI has warned about the cybersecurity scam, which converts file types into another that are infiltrated with malicious code. These websites convert the likes of .doc files to .pdfs or MP3s into MP4s.
Once the program is downloaded, bad actors can access everything from your passwords to your social security numbers.
Advert
Speaking to BleepingComputer, FBI public affairs specialist Vikki Migoya said: "Unfortunately, many victims don't realize they have been infected by malware until it's too late, and their computer is infected with ransomware or their identity has been stolen."
The agency told Chrome users not to download any file converters from unknown websites. If you are a victim of these hackers, the FBI said to "contact your financial institutions immediately" and "run up-to-date virus scan software to check for potentially malicious software installed by the scammers."
After that, you should also take your device to a company that specializes in 'virus and malware removal services’. You can report these sites to IC3.gov.
Migoya added: "The scammers try to mimic URLs that are legit – so changing just one letter, or 'INC' instead of 'CO'.
"Users who in the past would type 'free online file converter' into a search engine are vulnerable, as the algorithms used for results now often include paid results, which might be scams."
CBS News reports how Iowa-based Lee Enterprises was compromised and faced a ransomware attack. Lee Enterprises filed a report with the US Securities and Exchange Commission on February 12, stating how "Lee Enterprises experienced a systems outage caused by a cybersecurity attack.
"Preliminary investigations indicate that threat actors unlawfully accessed the Company's network, encrypted critical applications, and exfiltrated certain files.
"The Company is actively conducting forensic analysis to determine whether sensitive data or personally identifiable information (PII) was compromised."
It finished that 'no conclusive evidence' had been identified, but reiterated that the investigation is ongoing.
GitLab Threat Intelligence's cybersecurity team recently issued a warning about Chrome, stating that 16 browser extensions had been targeted by hackers. This list included: Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome and YouTube Picture in Picture and Mike Adblock für Chrome, Super Dark Mode, Emoji Keyboard Emojis for Chrome, Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, and Wistia Video Downloader.
We're told to check browser extensions to see what permissions they're asking for and to remain vigilant.