Tech support scams are becoming more prevalent, and another new one is doing the rounds which uses an exploit in the Chrome browser to slow the user’s machine down severely, followed up by an offer of ‘support’ for the problem.
As Neowin reports, this leverages a long-standing HTML5 bug in Google’s browser which allows for an absolute ton of URLs to be pushed into browser history, which completely bogs the victim PC down.
The scam operates via a dodgy website which warns that your ‘system has been infected’ while overloading your machine as described, and then presents you with a phone number to call, which of course is manned by the scammers who will subsequently try to fleece you in one way or another for the ‘fix’.
Take it to Task (Manager)
In reality, all you need to do to resolve the issue is shut down Chrome by going into Task Manager (which can be reached by pressing Ctrl+Alt+Delete together) and killing the browser session (by clicking End Task). However, performing any action on the PC might be easier said than done, depending on how wonky your system goes due to the assault on the browser.
If everything grinds to a complete and total halt, you’ll just have to hard reset the computer.
This is a nasty little trick in terms of trapping the less tech-savvy, because if the user’s machine does become completely stuck, they might just be tempted to give that fake support number a call. It’s certainly more convincing than the run-of-the-mill sting whereby a virus infection or similar is mentioned in big warning pop-ups, but there are no apparent effects.
Malwarebytes spotted this scam in the wild, and has reported it to Google, so hopefully the Chrome team will lock down the bug in question now that it’s being actively used as bait to trap unwary web surfers.