Tech Support Scammers exploit downloads trick again
The idea behind the scam is quite simple: display a support scam message to the user and make the browser freeze at the same time. Users cannot close the tab anymore or the browser because of the freeze which may make them call the fake phone number to get support for the issue.
The method pushes CPU load to the maximum so that it is quite difficult to get any reaction at all from the computer.Â The notification informs users that their PC has been blocked or that something else happened that requires them to call a support line to resolve the issue.
In one case, users were asked to call Microsoft but the number is not operated by Microsoft but by the scammers.
Users who are quick enough can close the tab before the downloads are unleashed as the script fires after the page has loaded fully.
Google fixed the issue in Google Chrome 65 but the issue appears to have resurfaced in the recently released Chrome 67. While it is probably only a matter of time until Google fixes the issue again, it is recommended to play it safe until then.
The February bug report on the Chromium site lists a proof of concept HTML file that interested users can run to test their browser against the vulnerability. It is recommended that you run tests in virtual environments or on spare PCs as you may need to force a restart of the system.