Scammers never sleep, not even on national holidays. According to Ars Technica, con artists have once again been found taking advantage of a bug in Google’s Chrome browser to spread tech support scams to unwitting users. Back in February, Malwarebytes warned of a technique that scammers were using freeze browsers while simultaneously trying to convince users to “call Microsoft” and speak to tech support with a fake error message.
While a page on the Chromium bug tracker suggests that Google resolved the issue with the release of Chrome 65 shortly after the initial report, it appears that the bug has cropped back up in Chrome 67. In fact, not only has the bug returned, but scammers have already begun taking advantage of it using the same tricks once again.
You can see what the fake error message looks like in the image below, put together by Malwarebytes earlier this year. A savvy internet user might not be fooled by such a blatantly obvious scam, but unlike other similar pop-ups, this one has the ability to freeze your browser by repeatedly saving a file to disk so quickly that you won’t be able to see it happening. This causes your browser to freeze up, and you won’t be able to close out of any windows:
If you happen to run into this scam — by visiting either a hacked website or a site with malicious advertisements — remember not to panic and never to follow the instructions on the error message. If you call that number, you’ll be put in touch with a scammer who will undoubtedly ask for your credit card information (which you should not provide). So instead, just CTRL-ALT-DEL on Windows or Force Quit on a Mac and end the task.
Chrome users especially should keep an eye out, but Firefox, Brave, Opera, and other browsers have been shown to be vulnerable as well. In fact, Internet Explorer and Microsoft Edge are two of the only unaffected browsers. Google and Firefox both tell Ars Technica that they are looking into the matter.