Network Security

Microsoft Edge flaw allows fake website warnings

Flaws in Microsoft's Edge's SmartScreen feature is allowing tech support scammers to push out warnings that falsely state a website is dangerous.

An independent security researcher Manuel Caballero blogged about a vulnerability he spotted in ms-appx: and ms-appx-web commands that could allow someone to create a fake alert that would lead a victim not to Microsoft's tech support department, but to a malicious site or person.

“When we place a telephone-like number, a link is automatically created so the user can call us with a single click. Very convenient for these scammers,” Caballero wrote.

SC Media queried Microsoft on this problem, but has not heard back from the company.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.