A new securebrowserupdate.com domain popped up on November 16, and while it’s dead now, others are sure to spring up soon, if they haven’t already. A script on the site detects which browser you’re running, and then offers “new versions” of your browser with “service packs” and “Antivirus protection,” both of which, of course, don’t exist for browsers.
The warning is the same for all of them: “Attention! Your browser is out of date, some of extensions may interfere your work!” Users are told that their current browser version is out of date and are invited to install the latest update, which is of course malware.
Here’s how the Firefox one looks (it changes accordingly if you’re running an older version):
Here’s how the IE9 one looks (yes, despite the release of IE10):
Out of all of these, the iPhone one takes the cake:
While the iPhone scam is clearly the least likely to work, analysis of the script shows that this isn’t just a desktop attack. According to Russian strings in the code, mobile users may be at risk of premium rate SMS messages if they visit the site.
In all cases, victims are redirected to the fake browser update domain via advertising on other sites. If you are browsing the Web and suddenly get a popup or ad to update your browser, don’t click it. Furthermore, make sure you’re running a solid security solution if you aren’t already.