An Old Tech Support Scam Is Back

A tech support scam that was shut down a couple of years ago is back, this time masquerading as a browser locker. You’re happily going about your business on the internet when suddenly a red screen appears, telling you that your computer is infected (one Identity Theft Resource Center staffer even had audio warnings accompanying the message, to make it seem more serious) and it appears your browser is locked.

The catch is the browser isn’t locked at all, it just appears that way. The user is generally frightened into not clicking out of it, turning off the computer, or taking other actionable steps. Instead, the message tells the user to contact tech support—sometimes listing real companies like Microsoft or the security firm Malwarebytes—who will redirect them to another external support company. The victim is coerced into paying to “clean out” the computer, then duped into purchasing an expensive “tech support” subscription.

All that money was spent on an issue that could have been undone with a few clicks.

The first thing you can do to protect yourself is to understand a few basic principles behind how your computer works. Some tech support scams are perpetrated through the phone, meaning a scammer calls you and informs you that your computer is infected. But no one hires teams of professionals to sit in a help center and monitor your network; not only would that be an incredible invasion of privacy, but how would Microsoft afford to pay people to “watch” millions or even billions of users’ computers?

Popup boxes are also familiar sources of tech support scams, but the strange thing is they’re generally harmless. They’re often just some code that was inserted in the webpage you’re viewing. It’s only when you click on the button to “clean” your infected computer that you install the virus yourself.

In this scam, though, the criminals are using a browser locker. It makes you think your browser is frozen or locked up. It’s really not. You were merely redirected to a malicious URL that looks like a warning. All you have to do is click control-alt-delete (on a Windows computer) to open the Task Manager, then highlight the browser and click “End Task.” When you relaunch your browser, it might offer to “Restore” your previous session; don’t do that since it will reopen the page with the browser locker and you’ll have to repeat this process.

It’s worth noting that many browser lockers frighten you with warnings about criminal activity. It might be a message that claims to come from the FBI, saying you were looking at pornography (not a crime, in most cases) or pirating copyrighted content (this is a crime, but that’s not what you were doing when your browser locked up). There might be warnings about how all content on your computer will be recorded by the government if you click out of the browser, or other ridiculous claims. Don’t fall for the scare tactic. Just exit your browser and make sure your popup blocker is enabled.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.