Kaspersky Unveils New Security Category to Combat 'Grey Zone' Scams – Fake Extensions Top Global Threat
Kaspersky launches new filter for 'undefined trust' websites. Fake browser extensions top global threats. Region-specific scams revealed. Users warned of warning signs.
Breaking News – Cybersecurity firm Kaspersky has introduced a new web filtering category called Sites with an Undefined Trust Level, targeting manipulative websites that operate in a legal grey area. According to data from January 2026, fake browser extensions posing as security tools now represent the most widespread global threat, detected in 9 out of 10 analyzed regions. These extensions intercept browser activity, track user data, and inject ads, often without users' knowledge.
“These sites are not classic phishing, but they are far from safe — they trick users into voluntary payments or hidden subscriptions,” said Maria Ivanova, a security researcher at Kaspersky. “Our new filter analyzes domain age, IP reputation, DNS configuration, SSL certificates, and HTTP headers to automatically flag these risks.” The feature is now included in Kaspersky Premium and its mobile apps for Android and iOS.
Regional Scams Exposed
Kaspersky’s regional statistics reveal distinct patterns: in Africa, over 90% of top suspicious websites are online trading scam platforms. Latin America sees a dominance of fake betting services, while Russia reports a surge in fraudulent binary options brokers and “educational platforms” with un-cancelable subscriptions. In CIS countries, crypto scams and engagement-inflation bots lead the list.
Key Warning Signs
Users are urged to check for red flags: strange domain names with numbers or random characters, cheap top-level domains like .xyz, .top, or .shop, and domains registered less than six months ago. Unrealistic promises such as “100% guaranteed income” or “up to 300% profit” are major giveaways. Lack of company contact info and payment only via cryptocurrency or irreversible bank transfers should also raise alarms.
Background: The Grey Zone Threat
Suspicious websites cannot be definitively classified as phishing, yet their activities are inherently unsafe. They manipulate users through carefully crafted Terms of Service that include no-refund clauses or forced automatic renewals. These include fake online stores, dubious crypto exchanges, and subscription traps.
Unlike phishing, which aims to steal credentials, these sites rely on legal loopholes and user consent — albeit manipulated — to extract money or data. Kaspersky’s new filter aims to fill this detection gap by analyzing multiple technical signals simultaneously.
What This Means for Users
For everyday internet users, this development means more proactive protection against scams that slip through traditional filters. The new category helps security software flag websites that are neither clearly safe nor clearly malicious, reducing the chance of unintentional subscription sign-ups or purchases from fake stores.
Experts advise enabling updates to Kaspersky products to benefit from the filter. Users should also manually check domain reputation through services like WHOIS before entering payment details. As Ivanova noted, “Awareness combined with layered security is the best defense against these grey-zone threats.”
— Reporting by the Security Desk