Dharamshala, 5th August: It’s no surprise that much of what we do on the internet these days begin with a Google search, whether we’re looking for pertinent information, researching the pricing of purchase, or even looking for new programs like browsers. However, in other circumstances, this reliance on search engines might cause problems. After all, there’s a chance that the curation of page indexing and presented adverts have problems. This is something that the situation in question here can attest to. Brave Browser is the latest fraud to jeopardize internet security.
According to information supplied by the folks at Ars Technica, a stunningly well-built scam was recently detected on Google, using the identity spoofing of the Brave browser site combined with the purchase of an ad to be sent at the top of the associated search page. Starting with what was shown in the search engine, it is easy to observe that the ad leads to a domain other than the one officially used by the Brave website (brave.com). They mention mckelveytees.com, a professional apparel trading website that may have been a victim of the hoax. The user was led to intermediary sites before arriving at the false site after clicking.
The bogus Brave Browser webpage can easily trick unwary users:
When it comes to the bogus site, the main issue is that it may easily fool even the most vigilant user. This demonstrates the crooks’ concern for making fraud more likely on initial checks. It accomplishes this by using a string that hides the original URL. Instead, it shows a domain that looks like Brave’s but with an accent on the letter E. However, this is something that will only pique the interest of a certain group of consumers.
Of course, the security certification is likely to pique your curiosity. The site does, in fact, have a TLS certificate that is legitimate. It shows the normal lock for HTTPS connections. As a result, everybody who clicked the download button was guaranteed to get an installation file. It contains the malware ArechClient and SectopRat, which is contained inside a 303MB ISO file within an executable file. Following the tip from Brave and NameCheap, Google has already dismissed the case in question. It also revealed the rogue domain’s inconsistencies, which were exploited to carry out the scam.
This story is the latest illustration of why we must exercise caution when using the internet. Scammers and hackers are constantly working to enhance their methods for gaining access to user data, stealing information, and profiting from it.
Leave a Reply