• Apps like Microsoft News and Microsoft Jigsaw are involved in the malvertising campaign.
  • The ads that are being displayed because of fake in-app ads are not blocked by ad blockers.

Windows 10 users in Germany have reported of being suddenly redirected to unwanted advertisements while using their computers. These advertisements are being shown to the users through fraudulent apps that are delivered through Microsoft’s own software.

What’s the matter?

According to Windows-focused site Ghacks, it has been found that several Windows 10 users in Germany had reported being targeted through Microsoft’s in-app ads over the weekend. The users complained that their browser would suddenly redirect them to sites that pushed tech support scam, sweepstakes, surveys and win a prize wheel.

Such ads would open suddenly when the users were using apps like Microsoft News, Microsoft Jigsaw and other Microsoft Advertising-supported apps.

What happens next?

Just like a general tech-support scam, the in-app ads use bogus system alerts to warn users of security threats and other issues that actually do not exist.

In one instance, a user was shown an advertisement that pretends to be a system alert. The ad tells the user that the computer is infected and needs to be scanned immediately. If the ‘Ok’ button displayed on the screen is clicked, the malicious advertisement prompts the user to download an unwanted system cleaner program.

Other scam ads appearing in Microsoft apps claimed of viewers winning prizes such as a new iPhone. To claim the prize, the visitors were asked to participate in a survey, which would result in either giving up their data or downloading malicious software.

Why does it matter?

The important aspect of this malvertising campaign is that the ads that are being displayed because of fake in-app ads are not blocked by ad blockers. The ad blockers consider these apps to be normal scripts as they are launched by Windows 10 on the users’ browsers.

What users can do to stay safe?

Users will have to rely on security software or built-in browser filtering services to block known malicious websites.

Microsoft has also attempted to address the issue with a Windows Defender policy which was introduced last year. The main purpose of the service is to tackle free versions of a program that claim to find errors on a computer and then scare victims into buying the premium version.

Cyware Publisher