Symantec researchers have recently encountered a new variant of the old one-click mobile fraud, which results in the users’ mobile browser being thrown in a loop and becoming unusable.
It was spotted in Japan, where one-click fraud is usually geared towards tricking users into subscribing to – and paying for – adult video services.
“We have observed various tactics used in the scam throughout the years, but most scams simply trick the user into making a click or two in an attempt to view a video in order to falsely register the user. In most cases, the web page can be closed within the browser and the attempt to scam the user ends there,” Symantec’s Joji Hamada explained in a blog post.
This newer version of the scam, however, is actually somewhat disruptive.
When users click on the video lure, they are taken to a website that shows a pop-up window that provides details about the registration. After clicking on the “OK” button, another pop-up is shown, urging users to place a phone call to the service’s “customer center.”
“When the user tries to close this pop-up window, the previous registration window once again opens. These two windows keep reappearing in a loop and in essence the browser is taken hostage by the website,” Hamada discovered.
Luckily for the user, only the browser is incapacitated. The phone itself and the other apps can be used. Also, the browser can be easily unblocked by clearing the contents of its cache.
The crooks are betting on the fact that many users aren’t that tech savvy, and will instead call the number in the hopes that the customer center will tell them what to do.
And maybe they will, but they will first try to get the user to subscribe to the service, and pay the 99,800 yen (US$1,200) fee.
If this tactic proves to be successful, no doubt we’ll be seeing more scams of this kind in the coming months – or, at least, Japanese mobile users will.
If you have fallen for this scam, and don’t want to pay up, Hamada offered intructions for clearing the browser cache on Android and iOS phones.