Microsoft Tests New Edge Scareware Blocker to Combat Tech Support Scams

Microsoft is testing a cutting-edge feature known as the scareware blocker in its Edge web browser, which detects tech support scams using machine learning.

Tech support scams, or scareware, typically employ aggressive tactics on landing pages, misleading users into believing their devices are infected with malware. The scammers then push victims to contact fraudulent tech support services.

While the existing Defender SmartScreen feature in Edge offers robust protection by identifying and blacklisting known malicious sites, the new AI-powered scareware blocker brings an additional layer of security and uses a local machine learning model to recognize and intercept scareware threats in real-time.

Real-Time Scam Detection with Local Machine Learning

“Scareware blocker adds a new, first line of defense to help protect the users exposed to a new scam if it attempts to open a full screen page. Scareware blocker uses a machine learning model that runs on the local computer,” Microsoft explained.

“The model uses computer vision to compare full screen pages to thousands of sample scams that the scam-fighting community shared with us. The model runs locally, without saving or sending images to the cloud.”

Upon detecting a suspicious or malicious page, the scareware blocker feature alerts the user, giving them the option to either proceed with caution or exit the page if deemed unsafe.

Scareware blocker warning the user (Source: Microsoft)

How to Enable the Scareware Blocker in Microsoft Edge

To activate this feature, follow these steps:

1. Check that previews are permitted by your system administrator and that your Edge browser is up to date.

2. Update your Edge browser to the latest version and restart it to apply changes effectively.

3. Go to the “Privacy Search and Services” section in settings, where you should find the scareware blocker preview available.

Community Involvement in Enhancing Security

When the scareware blocker identifies a potentially harmful page, Edge returns control to the user by exiting full-screen mode, stopping loud audio, displaying an alert, and showing a thumbnail of the page. 

Users can then help protect others by reporting the scam site, sharing screenshots and diagnostic information with Microsoft. This assists the Defender SmartScreen service in identifying scareware outbreaks across user devices.

The scareware blocker ML model will disregard the page if users do not report it. To minimize false positives, users should also report instances where legitimate sites are mistakenly marked as malicious.

“By reporting false alarms, you help us make the feature more reliable to catch the real scams. Beyond just blocking individual scam outbreaks, our Microsoft Digital Crimes Unit goes even further to target the cybercrime supply chain directly,” Microsoft added.