It seems that cybercriminals have decided to take cybercrime level to a whole new level in 2016. They have become surprisingly inventive over the past few years, and they continue designing new methods to delude computer users. This time, tech support scammers target Google Chrome users, and they use really tricky methods to deceive them. For example, phishing pages they create now are designed to open victim’s browser in a full-screen mode, which immediately hides user’s interface (UI) (the entire address bar, toolbars, and menu buttons). The phishing website has an image situated at the same place where the real Chrome’s UI should be, displaying a fake UI toolbar. The fake URL bar showcases a forged web address, imitating that the website is the actual Microsoft Support page. In fact, it is nearly impossible to spot that the address bar is fake – the victim can only notice that by moving the mouse to the top of such website.
Another technique to confuse users and make them believe that the computer is severely messed up is to display counterfeit pop-up messages, also known as alert dialogs. You probably know that when websites keep displaying pop-up dialogs, one of them gives the option to prevent the page from displaying additional dialogs. Normally, it is enough to tick the checkbox and click OK. However, rogue alerts that phishing websites trigger also suggest this opt-out feature, however, you can spot that it is a fake one rather easily – instead of displaying “Prevent this page from creating additional dialogs,” the bogus one displays “Prevent this page from creating additional dialogues.” Once the victim ticks such fake option and hits OK, more pop-ups show up shortly. Scammers also forge pop-ups by making minor adjustments in them, for example, if you ever see “Press ESC, to close this page!” line, do not click ESC at any costs. The comma should not be there, and it indicates that it is a fake pop-up message. This particular message can be closed by putting a tick into checkbox next to legitimate suggestion to prevent the page from displaying additional dialogs and clicking OK.
Do not start blaming Google Chrome if it starts displaying annoying and never-ending pop-up alerts. Look at these pop-up alerts attentively because there might be grammar mistakes, which indicate that the browser has been infected with malware crafted by tech support scammers. Unfortunately, there are still hundreds of active phishing websites that urge people to call tech support scammers. Scammers have hundreds of domains, and it takes about 6-15 hours for browsers to detect and identify such sites as phishing ones. On top of that, it seems that web hosting companies tend to overlook reports about phishing websites and respond to them after a few months only. In the future, scammers might invent many new ways how to trick users to call the bogus help desk. Cyber security specialists suggest Internet users do not to take any rash actions if they notice warnings or notifications to call tech support. In case you suspect your computer is at risk, the first thing that you should do is check the system using anti-malware software.