The scheme tries to lead to malware that searches in Google Brave

For the vast majority of users, finding anything on the Internet requires doing a Google search, even if it is about basic things like accessing a well-known website. However, this practice can also open doors for possible fraud and malware.

A new scam was recently discovered that uses the browser name “Brave” to try to trick users into downloading malware onto systems. The scam starts when Google enters the search term “Brave”, when criminals use Google’s advertising system to present sites that promise to load the browser in the first results.

These sites have a design very similar to real sites in browsers, and at first glance, you won’t even notice any difference. However, the installers they provide have built-in malware that gets installed on systems, leading to possible data theft and other problems.

Portal ArsTechnica states that the scheme starts with ignorance of users who might click on the first result from Google, thinking they are accessing the official browser website, but in return they are accessing a third-party site that redirects them to malicious content.

To make matters worse, fake sites have domains that can trick even the most considerate of users. One example reported by users is using a domain that is exactly the same as the official one (brave.com), with the only difference that there is an emphasis on the letter E. The site even has a valid SSL certificate at the address that represents a secure website in the browser.

The download provides an executable file that has been modified to contain malware that installed on the system can perform various other malicious actions. However, the domain originally used for the schema has been removed by the schema’s governing organization and a warning left by the Brave team and Google, but it is important that users pay attention to the sites they are accessing, even if they appear to be “official”.