Fake Google Chrome Update Scam

Rather than risking problems, our advice to users is to go to the Settings menu and click on the Help option, prompting Chrome to check for updates and download the latest version.

This is not a new scam, with incidences reported for the last few months. However, researchers at internet security specialist GFI Labs have uncovered a new wave of attempts at the trickery, immediately after Google patched a number of security vulnerabilities in its browser recently.

According to GFI: “The file itself has been around for a while, being seen on around 14 or so websites since around October and is listed at Malwr.com which mentions attempts to access Firefox’s Password Manager local database – meanwhile, it’s listed on the comments section of VirusTotal as being capable of stealing banking credentials. You’ll notice they mention Zeus – indeed, one of the DNS requests made is to a site by the Malware is related to ZBot / Blackhole exploit kit attacks. In fact, it seems to want to swipe information of a very similar nature to a ZBot infection from August of 2012 detailed on the ShadowServer Blog.”

Legitimate Chrome installations will actually detect the malicious files and will warn users about them.

You can get more information about staying safe online at – https://www.getsafeonline.org/news/fake-chrome-updates-doing-the-rounds/