Beware of This New Malvertising Campaign
Businesses nationwide have recently switched to the new Arc browser for its shortcuts, previewing ability, and lighter, cleaner design. Having gained monumental traction in a short period, it competes with longstanding browsers like Google Chrome, Microsoft Edge, and Firefox. However, new malvertising efforts are threatening many companies that are making the switch.
How Hackers Get You
The Browser Company released the Arc browser for MacOS in July 2023. After receiving positive feedback from critics and everyday users, they launched a Windows version. Unfortunately, this new popularity has attracted hackers, who are now targeting businesses using Arc.
Hackers create fake websites that closely resemble the genuine Arc download page. As part of their malvertising campaign, they exploit Google Ads to manipulate search results and mislead users. These ads look just as realistic as legitimate ones, displaying the correct URL but leading to phony sites with typosquatted domains. It only takes a slight difference, like an extra or missing letter, to trick unsuspecting users.
What Happens If You Fall Victim
If your employees download this browser from one of these fake ads, it spells disaster. Clicking the download button triggers a trojanized installer from the cloud service MEGA, which hides malware within a seemingly harmless PNG file. This hidden malware acts as an information stealer, allowing external servers to issue commands that could compromise your company’s sensitive data.
Once hackers gain access, they can either steal valuable information, potentially selling it to competitors, or deploy ransomware, demanding payment to release your company’s data. This can severely damage your brand’s reputation and lead to significant financial loss. Learn more about protecting your company’s network by reviewing network security services that address these types of threats.
What You Can Do To Protect Your Company
If your company is considering using the new Arc browser on Windows, you must take steps to safeguard your business. First, educate your employees on proper online habits, such as avoiding downloads from ad links, which can lead to fake sites. Instead of relying on search engines, instruct them to type the official URL directly into the browser’s address bar and double-check for typos.
You can also implement proactive solutions like ad blockers to prevent malicious ads from appearing and sign up for our Cybersecurity Tip of the Week to stay informed about the latest security threats. Additionally, having reliable antivirus software that scans all downloads is critical to protecting your business against malware.
Maintaining vigilance and educating your team on the latest malvertising tactics will keep your company, employees, and customers safe. If you're unsure about your current security protocols, consider booking a discovery call to assess and enhance your cybersecurity measures.
