Everyone knows the pain of a machine or device that won’t work. There aren’t many things that are more maddening. You need to get your work done, are waiting to watch your favorite show on Netflix, or are trying to contact someone, and your machine or device is not cooperating. It’s what leads you many times to just wanting to throw the machine or device out the window.
That’s what makes it even more upsetting when hackers make their way through to tech help. They are taking advantage of the most vulnerable. But this is an old scam that just won’t go away.
It’s been discovered that the tech support scammers are now taking advantage of a Firefox bug fix to lock up the screens of Windows’ users, still operating on the same premise of convincing them they need to call a bogus tech support hotline.
Windows Tech Support Hack for Firefox
The scam takes advantage of an existing fix for a bug that’s been around for a long time that allows scammers to spam users, convincing them they tech help by sending them “authentication required” prompts. If you haven’t fallen for it, you know someone who has or are worried about a less-tech-savvy person who will.
The prompts that are sent to an affected user prevent them from leaving or closing the browser, locking it up. Mozilla issued a fix with Firefox 68 that was intended to handle the situation and prevent an attack.
The fix blocked all “authentication required” prompts, even those that are issued through Mozilla.
Jérôme Segura, the head of Threat Intelligence at Malwarebytes, found that the scammers have found a way to bypass Mozilla’s fix, and this allows them to use Mozilla’s tactics for fixing the scam to actually con victims further.
He also found a second browser-lock scam that was reported to Mozilla a couple years ago, yet they still have not fixed it yet. The scam was initially targeted toward Google Chrome but was fixed in Chrome version 67.
With this particular scam, beneath the number for Windows tech support is a series of dire warnings to the user, such as the following:
“Do not ignore this important warning
Please stop and do not close the PC
The registry key of your computer is locked.
Why did we block your computer?
The Windows registry key is illegal.
This Windows desktop is using pirated software.
This Windows desktop sends viruses over the Internet.
This Windows desktop is hacked.
We block this computer for your safety.
Please call us within 5 minutes to prevent your computer from being disabled.”
Avoiding the Scam
Segura has filed a bug report with Mozilla, and developers are working on a fix for the newer bug in a future release of Firefox. There has been no report on whether they will finally fix the older bug.
Unfortunately, these scams are showing it’s only going to continue. As long as there are people who will possibly fall victim to scams, scammers are going to continue to exploit them.
Users need to be diligent and realize Windows and Mozilla are never going to take over their screens and request authentication. But as long as there are people out there who believe it could happen, the scams will survive.
Have you fallen victim to a Windows tech support scam? Tells us about your experiences in a comment below.
