SmartScreen is one of the security features that Microsoft has in the program browsing Edge to warn about websites that have been flagged as dangerous. But a security researcher discovered a way cybercriminals can use to abuse this feature by delivering false alerts.
Manuel Caballero explains his blog, that Microsoft Edge has a vulnerability that allows ms-appx: and ms-appx-web: two εντολές που μπορούν να δημιουργήσουν πλαστές προειδοποιήσεις παρόμοιες με αυτές που εκδίδονται από το SmartScreen και οι οποίες θα μπορούσαν να χρησιμοποιηθούν με πιο πολύπλοκους τρόπους.
For example, attackers could use these warnings to persuade their unsuspecting victims to call a phone number from where they would try to steal various information.
SmartScreen is a feature that is available on both Microsoft Edge and Internet Explorer, but this bug has only been proven in the default Windows 10 browser.
In essence, SmartScreen is an extremely useful mode that keeps users safe from websites used to spread malware.
Microsoft currently has no solution to the problem and is probably preparing to fix it in the next updates. At present, the defect exists and has already been reported to the general public. For this, be very careful when browsing Edge, until Microsoft decides to fix it.
Of course, you can always use another browser that offers more security (see Firefox and Google Chrome).
https://www.brokenbrowser.com/spoof-addressbar-malware/
