As a modern business owner, you’re well aware of all the ways technology benefits your business while also putting it at risk. If you use Google Chrome as your browser of choice, you should be aware of the latest Google Chrome update malware scam.
Keep reading to learn everything you need to know about this attack campaign, how to determine whether you have a compromised website, and how to protect yourself against security risks.
What Is Update Malware?
Update malware is the term for any line of malicious code cyber attacks embedded within an update to your computer system, website, or web browser. When you download the update, the code you install puts hidden files on your computer that grant the attacker access to your private information or critical computer systems.
How the Scam Works
Cybersecurity experts have identified at least four different fake “update your browser” campaigns that can trick you into installing malware on your device. This scam was first detected in February 2023 and since then has evolved to provide the attackers with multiple ways to invade your system.
The first way they accomplish this is by gaining access to legitimate websites, which they do in various ways. Once they have access to the website, they modify it to display a pop-up to every user who visits the website. The pop-up informs the user their browser is out of date and requires them to update to the newest browser version if they want to view the website’s content.
Once users click on the pop-up, they’ve compromised their computers.
Determining Whether You Have Malware
You can determine whether you’re a victim of the Google Chrome update error by looking for the following file types:
- SocGholish
- NETSupport RAT
- Lumma
- Redline
- Raccoon v2
These files make you vulnerable to more severe cyberattacks like identity theft. You can use a virus scanner to find these files, or your IT services team can find them easily.
How To Protect Yourself From Google Chrome Update Malware
How can you protect your business from malware? First, educate your users on the best practices for avoiding malware, which include:
- Avoid phishing scams by never clicking on a link to an unknown site or from an unknown sender.
- Learn to identify typical phishing attack behavior, such as generic greetings, asking for financial information, or promotional offers that are too good to be true.
- Use multi-factor authentication on all devices.
- Invest in high-quality anti-virus protection software.
- Regularly back up your data to a secure location.
- Use strong passwords and change them regularly.
You can also protect yourself from the Google Chrome update malware scam by practicing good “cyber hygiene” and learning how developers push out updates. For example, Chrome will never prompt you to update the browser through a pop-up. You should only update the browser through Chrome’s settings, which notify you of new updates in the upper right-hand corner of the browser.
You should also enable automatic updates. This allows your computer or browser to download safe and secure updates without requiring you to click on anything.
