Microsoft Warns Windows Users—Change Browser To Stop Attacks

Microsoft’s long-running campaign to switch Chrome users to Edge has taken many twists and turns. It has prompted scathing responses from Google execs, suggesting the Windows-maker is tricking users, and complaints from users frustrated by ads and warnings within Windows itself. But it has not worked.

In April 2023, Chrome enjoyed a 66% share of the global desktop market. Two years later, and that share is still 65%. It hasn’t moved. Edge has grown its own share slightly, from 11% to 13%, but Statcounter’s data continues to reflect the stickiness of the browser market and the reluctance of users to change.

ForbesGoogle Confirms Gmail Upgrade Offer—You Must Decide CarefullyBy Zak Doffman

Microsoft has a new promotion this week for “Microsoft Edge browser — the fast, smart alternative to Chrome,” which focuses on speed and performance but mainly AI. “While most browsers share a familiar interface, Microsoft Edge distinguishes itself with deep AI integration, offering several key advantages,” the company says, just as Google confirms the latest Gemini upgrades coming to Chrome.

But there’s a more interesting push to the Edge from Microsoft this week — security and keeping PCs safe from a plague of ongoing attacks. We have seen this before — Edge promoted as a safer, more secure alternative to Chrome. And that same message often appears on banners and ads as Windows users download and install Chrome. But when it comes in an actual security advisory, it has a different tone.

Kudos to Microsoft and multiple law enforcement agencies this week for ripping down swathes of Lumma infrastructure. The company’s Digital Crimes Unit (DCU), the FBI and others “are disrupting the leading tool used to indiscriminately steal sensitive personal and organizational information to facilitate cybercrime.” This includes seizing more than 2000 domains to sever the infostealer’s ecosystem.

Lumma Stealer “is the favored info-stealing malware used by hundreds of cyber threat actors, stealing passwords, credit cards, bank accounts, and cryptocurrency wallets and has enabled criminals to hold schools for ransom, empty bank accounts, and disrupt critical services.” It’s the threat often lurking behind ClickFix, fake Chrome update and phishing campaigns that trigger weekly warnings to users.

In tandem with the Lumma takedown news, Microsoft has fresh recommendations to stay safe from these threats. Enable network and web defenses, always use multi-factor authentication (MFA), and switch to “Microsoft Edge with Microsoft Defender.”

ForbesDelete Any Email On Your PC, Phone That Has This AttachmentBy Zak Doffman

Seeing a push to change browser in Microsoft’s official recommendations within an attack advisory always makes me uneasy. It seems like a misplaced ad, given all the other pushes for Chrome users to change. But as I’ve commented before, it’s probably the most effective way to grow Edge’s market share. Appeal to enterprise security teams to switch users at work, in the hope they may then do the same at home.

Whatever browser you use, do make sure safe browsing or its equivalent is enabled, that MFA is added to all your key accounts at a minimum — but always use Passkeys if you can, and avoid the temptation to click links and install any apps or updates from outside official stores. It’s fine to stick with Chrome, as long as these basics are in place.