SocGholish Malware Prompts Fake Browser Updates

The NJCCIC has received reports of SocGholish malware using social engineering tactics, dependent upon geolocation, operating system, and browser. The malware prompts users to navigate to fake browser-update web pages. The fake browser-landing page may spoof Google Chrome, Mozilla Firefox, and Internet Explorer web browsers. If users click on the upgrade option, a JavaScript file is downloaded and executes the next stage malware. The NJCCIC recommends users refrain from clicking on embedded links or attachments from unsolicited or unexpected emails, or downloading files from suspicious websites. We advise users to verify emails from known senders via a separate means of communication.