Researchers Discover New ‘Tech Support’ Scam Affecting Google Chrome

Online scammers have long had a variety of tools at their disposable. But this week, a security researcher has disclosed yet another method that can allow scammers to exploit users.

The new scam technique was first reported by researchers at Malwarebytes, and it uses scare tactics to coerce unwary users to call a fake tech support line and provide credit card details to the malicious entities.

How the Scam Works

The scam is tailor-made to affect Google Chrome, which is the world’s most popular web browser by most measures. The GIF below, courtesy of Malwarebytes, shows off what a Windows user might see when they’ve been hit with the browser-jammer. The scam has two parts.

The first is to render a browser unusable by forcing it to save a file to disk over and over. It does this by taking advantage of an API and browser other functions. This exploit happens so fast that it’s hard to tell what’s going on.

The end result is a completely unresponsive browser after about five to 10 seconds that cannot be closed through traditional means. On some computers, this browser exploit can also exhaust the system’s memory — causing further issues with the device.

The second part is to display a fake error message that tries to trick the user into believing that there is a serious security issue with their computer, and that their device has crashed.

This error message will typically have a fake phone number to call, ostensibly a “support number” for Microsoft or another firm. The number is staffed by scammers masquerading as employees who will then attempt to get a user’s credit card information so that they can “fix” the non-existent issue.

The scam is typically deployed via malicious web advertisements or otherwise legitimate websites that have been hacked or compromised.

Who Does It Affect?

As stated above, the exploit uses an API within Google Chrome. According to Malwarebytes researchers, the scam seems to be primarily targeting Chrome users on Windows — which makes up a large subset of the internet-using population.

The scam is also more frustrating to mitigate on Windows. That’s largely because, as Malwarebytes’ Jérôme Segura points out, Chrome for Windows displays a dialog box saying the browser has become unresponsive but doesn’t give the user the option to close out the responsible tab.

Reportedly, the scam can also be deployed on Google Chrome for macOS. But macOS has a different method for dealing with unresponsive tabs: the system message letting users know that a tab has become inactive will also let users close the individual tab. So it’s arguably not as effective on Mac computers.

What You Can Do About It

1. The most important thing to remember if you fall victim to a similar scam is not to panic. And, whatever happens, don’t call the fake tech support number.
2. Your primary goal should be to close out of the affected tab. If your particular browser or operating system is making that difficult, you can usually force-quit the entire browser by using Control-Alt-Delete to access the task manager in Windows. Alternatively, Mac users can use Command+Option+Esc to force quit the unresponsive browser.

In a statement, Google said that it is aware of the issue and is currently working on a patch for Chrome.