Google Chrome users, beware: tech support scammers are misusing helpful browser features to impersonate Microsoft and to bombard users users with pop-ups.
In the first instance, the scammers are taking advantage of the browser’s full-screen mode.
Users who are tricked into visiting a malicious site set up for the scheme can, at first glace, believe that they have landed on a legitimate tech support page by Microsoft: the address bar shows the right URL and the green lock that usually indicates that the site is what it says it is.
Unfortunately, the page has forced the browser to switch into full-screen mode, and the aforementioned address bar is an image loaded take the place of the real one.
“This is an interesting one because for years we have been telling people to double check the URL in the address bar to know if a website is really what it claims to be. When this scam page loads it runs in full-screen mode and prevents the user from easily closing it with an infinite loop of alerts,” noted Malwarebytes’ Jérôme Segura.
In the second instance, the scammers make the page show fake alerts saying the users’ computer has been blocked because it’s infected with spyware, but allow the users to press an OK button to dismiss the alert.
This alert has the “Prevent this page from displaying additional dialogues” (sic) option at the end of it checked, but it’s a lie.
Pressing the OK button will do the complete opposite: it will allow the page to show more similar fake Google Chrome alerts, with more tricks to exasperate the user (such as saying that pressing the ESC key will allow them to close the page, when only the Prevent message and the OK button will do that:
Pressing the ESC key will trigger a new onslaught of fake pop-ups, making users more likely to decide to call the fake tech support number provided by the scammers.
It definitely pays to keep on top on all the new approaches online scammers come up with.