Tech-support scammers have a new trick to send Chrome users into a panic

Enlarge (credit: Malwarebytes)

Con artists pushing tech-support scams have an arsenal of ways to lock up the browsers of potential marks. On Tuesday, a researcher disclosed a new weapon that freezes Google Chrome, which, by most measures, is the Internet’s most widely used browser.

The point of all the techniques is to render a browser unusable immediately after it displays a fake error message reporting some sort of security breach. Given the appearance of a serious crash that can’t be fixed simply by exiting the site, end users are more likely to be worked into a panic and call the phone number included in the warning. Once called, the scammers—posing as representatives from Microsoft or another legitimate company—stand a better chance of tricking the caller into providing a credit card number in return for tech support to fix the non-existent security problem. The scams are often transmitted through malicious advertisements or legitimate sites that have been hacked.

A new technique reported by security provider Malwarebytes works against Chrome by abusing the programming interface known as the window.navigator.msSaveOrOpenBlob. By combining the API with other functions, the scammers force the browser to save a file to disk, over and over, at intervals so fast it’s impossible to see what’s happening. Within five to 10 seconds, the browser becomes completely unresponsive. Users are left viewing a page that looks like the left side of this image: