Latest version of google download scam

These injects are able to analyse the geolocation, operating system, and browser used by the recipient, and if deemed a suitable victim, look to convince them to click on a link in the email message. Rather than the promised Google Chrome update however, clicking on this link downloads one of several malicious payload. Proofpoint's analysis spotted a a banking Trojan Chthonic that was a variant of the notorious Zeus banking Trojan, as well as remote-control software NetSupport that can give hackers remote access to compromised systems.

The attack targeted a number of major businesses across multiple verticals, including education, state governments, and manufacturing, and numerous others. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

North America. In a blog post last week, researchers at security firm Proofpoint gave further news on an especially shady malware campaign that has been targeting educational institutions, governments and manufacturing companies for nearly a year. The latest wave of attacks involved 18, malicious emails sent in June and July to recipients in Canada, France, Germany, Italy, the U.

The emails prompt the recipient to visit a website of interest to persons in that chosen field. The site is legitimate, but it has been corrupted by an injection of the malicious JavaScript-based framework known as SocGholish , or TA The SocGholish script first gleans information about your browser, operating system, and location.

Then it decides whether to try to infect you with malware. If so, then you are whisked to a second website, and this one really is fake — it's a fake browser update page that urges to click a button to download the "update". Proofpoint's examples including fake Google Chrome and Microsoft Internet Explorer updates, but this campaign also lures Mozilla Firefox users. And of course, if you do click that button, then you're really downloading a script that further profiles your system and downloads more files, including the Chthonic banking Trojan and the legitimate but often-abused remote-access application NetSupport.

Like other banking Trojans, Chthonic tries to gain access to your online bank account in order to steal money. Meanwhile, NetSupport gives attackers remote control of your PC, potentially leading to full system takeover. If you want to make sure your version of Google Chrome is up to date without falling victim to malware, it's best to do so manually , as Google itself explains.

Open your Chrome browser and take a look at the three dots on the top right of your window, the "More" icon. The icon may be green, orange or red, which means that an update is available. Green indicates that the update was released less than two days ago, while orange means it was released about four days ago. Red means the available update was released a week ago and you're overdue to install it.

To update, click the three-dot icon and choose "Update Google Chrome.