Scareware usually tends to get victims’ attention with a bang – like a bright red warning plastered across the screen claiming a virus infection. But a new campaign is using a bang of a different sort entirely.
In the latest iteration of the classic tech support scam, the bad guys are going for maximum shock effect by locking people’s browser with a collage of hardcore pornographic pictures in the background.
“Crooks are making millions of dollars defrauding unsavvy users with fake online tech support. The scam is simple but yet effective and has gone through many variations over time,” said Malwarebytes researcher Jerome Segura, in a blog. “We’ve documented several tricks and fake alerts on this blog, in particular those that lock the user’s browser with fake warnings and audio alerts. Scammers can be very creative, simulating the Blue Screen of Death (BSOD) or even stealing templates used by security companies.”
This is a rather fresh take, as it were.
From there the threat is made up of pretty standard stuff; an on-screen pop-up warns that “due to suspicious activity detected on the computer, critical errors have been found.” Victims are asked to call customer technical support and “share this code” with the “agent” before being asked to pay for a bogus antivirus package, yadda yadda yadda.
Unfortunately, the victim will also be asked to download a program that will allow the perps to remotely access and control the computer, so identity theft and destruction of data is a real possibility.
“Going for pornographic material is not entirely surprising,” Segura said. “This tactic can be quite effective since anyone caught with this on their screen will most likely feel embarrassed enough not to reach out for help with a friend or IT guy, and instead follow the on-screen instructions which involve calling a toll-free number.”
These pages and pop-ups always seem to come out of the blue, while browsing – and getting rid of them via the conventional close button is nearly impossible. The pages all exploit the same design in JavaScript allowing long or infinite loops to prevent users from closing the page. In this case, it’s a porn vortex with no escape.
If stricken, a brick-and-mortar computer repair shop may be the best bet, Segura added – embarrassment or no.