New Wave of Browser Hijackers

New phishing campaign

A new phishing campaign that was redirecting users to a browser hijacker has been discovered recently. The attackers used fake alert messages to trick the users into thinking they are infected with malware. After that, scared users called the number that was shown in the notifications asking for technical support to help them remove malware. Unfortunately, they were paying for unnecessary technical support.

 

Phishing emails

It all starts with a user receiving an email asking them to click on the box to display a message. The message in the email is often designed to convince you that you are infected with malware. Apart form the message, there is a technical support phone number as well.

If you click on it, you might be redirected to a website and tricked into providing your credentials. Meanwhile, the malware shifts the browser to a full-screen display and does not allow users to close the fake outlook page.

Since both home and business users use email every day and rely on it, experts believe that this new phishing campaign targeted both groups.

 

Namecheap domain names

According to experts, the domains used by the attackers to send the phishing email were all purchased from Namecheap. Namecheap provides services on the domain name registration and offers domain names that are registered to third parties for sale.

 

Why do browser hijackers pose such a threat?

Browser hijackers are one of the most common threats in today’s online world. Many with not enough technical background often don’t even realize they have been infected with it. This is precisely why browser hijacking can be very dangerous.

 

How can I recognize it?

Whenever a software tries to modify your browser settings, default search engine or homepage, you are infected with a browser hijacker. It performs the changes without your permission. Browser hijackers also redirect you to websites you don’t want to visit with the sole purpose of trying to trick you into giving out your credentials.

It often comes in the form of an adware, displaying annoying ads on your screen making it difficult for you to close them. There are high chances you will even accidentally if not on purpose click on the ad and be redirected to a website that you don’t want to visit. There you might be asked to share your email address or your financial credentials.

 

How can I protect myself from browser hijackers?

Here are some necessary steps you need to take to ensure your protection:

  1. Update your OS and your browser software
  2. Install an antivirus and antimalware protection
  3. Use your antivirus software’s “Real-time protection” feature
  4. Don’t click on suspicious links in your emails
  5. Be suspicious of free programs (double check how secure and legit it really is)

 

How to remove browser hijackers?

Removing a browser hijacker is often a rigorous process. It’s best to start with your browser and work your way to your operating system to see how far-reaching the browser hijacker is.

We advise you to remove suspicious and unnecessary toolbars and extensions. After that, you can close your browser and restart your computer.

Once your computer has restarted, check if that what you removed is still gone. If it is, change your browser settings — default search engine, homepage, etc. — and everything will return to normal. If you’re still being redirected or an extension won’t uninstall, you’ll have to go deeper.

 

In that case, install Zemana AntiMalware

Zemana AntiMalware had been known as the best tool on the market to help you detect and remove browser hijackers. It has always been highly efficient in this and the best thing is that you can download it for free (it comes with 15-days free trial).

However, if you decide to continue using the Trial and do not wish to purchase the Premium subscription at the end of the trial, your Zemana AntiMalware program will disable premium features. All other (basic) features will remain unchanged.

zma english UI

Stay safe with Zemana! 🙂

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: