However, the best way to prevent most of these attacks is to cut off the ad networks that they rely on. Using Task Manager (on Windows) or Force Quit (on macOS) may be the only way to escape some of these pages, short of a reboot-that and not allowing the browser to restore pages from the last session when re-launching.
Popping up log-in boxes that request a username and password.Hiding or camouflaging the mouse cursor.Forcing the browser window to full screen size.While mobile fake alerts and similar pages on desktop browsers can be easily closed, “browser lock” support scam pages often use scripts that make it difficult or impossible to close the web browser normally or navigate away from the page, including: Scammers create a sense of urgency with wording and countdownsĪnd some technical support scams will play computer-generated voice messages urging you to take action.īut all of these scams have one very specific thing in common-they go away when you close your browser. Sometimes they include a countdown, in order to make you more nervous-after which they suggest your phone or computer will be damaged. Look out for poor grammar and odd phrasing Like phishing messages, they often contain messages with s trange phrasing, capitalization, and grammar or spelling mistakes. What to do?įortunately, these scams are usually pretty easy to spot if examined critically.
We’ve recently spotted fake alert campaigns targeting Japanese, German, and French-speaking Windows and macOS users, and have observed efforts by tech support scammers to find people who speak those languages to participate in their scams. That industry is diversifying its customer base as well. These scams reap tens of millions of dollars from their victims each year.Ī whole industry has sprung up around fake alert scams, including scam kit toolkit developers and commercial platforms for managing malicious advertising campaigns.
That’s where the potential damage begins, with victims allowing the fraudsters to gain access to their device, and to install and extract payment for totally unneeded (and potentially harmful) software. Scammers pressure victims into taking action Technical support scam adīrowser developers have done a lot to limit the damage that can be done by malicious pop-up sites, including recent fixes by Mozilla that attempt to limit the ability of malicious web pages to slow down and lock up the Firefox web browser.īut even if the scammers don’t lock up your web browser, they can make it appear that something has gone terribly wrong-and that you need to do something immediately about it.
“ Scareware” pop-ups have been used for years to prompt people into downloading fake virus protection and other malicious software, including ransomware.īut the latest variations find other ways to cash in on fake alerts: using them as the entry point to technical support scams or prompting their victims to purchase fraudulent apps or “fleeceware” off a mobile app store. The goal: to frighten people into paying for a solution-to a problem they don’t even have. And as with all other endeavors, they’ve learned that it pays to advertise.Īt SophosLabs we recently researched a collection of scams that exploit web advertising networks to pop up fake system alerts on both computers and mobile devices. Internet scammers are always looking for a better way to separate unwitting device users from their money.