Browser locker (ransomware) uses silly tactics, we have a feeling it will be very successful nevertheless

Nov 25, 2015 14:46 GMT

A new browser locker uses official Microsoft Support branding in an attempt to make people call a phone number to unlock their browser while also playing a spoken audio message in the page's background to scare non-technical users.

Browser ransomware, more accurately referred to as a browser locker, works by locking the current browser session with an uncloseable popup.

While savvy users can easily get rid of such pesky scareware, non-technical ones are either tricked into calling a support number to unlock their browser window or have to move their operations to a new browser.

New browser locker passes as a Microsoft Support page

According to a recent blog post, RSA Research has detected a new browser locker instance, which seems to be the work of some pretty experienced cyber-criminals who combined different scareware design techniques into a pretty solid (and annoying) intruder.

For starters, the page on which the attackers lock the user's browser looks like a regular and genuine Microsoft website, one that even we, regular visitors of Microsoft's sites, would have a tough time spotting as a fake from the get-go.

Secondly, the browser locker plays an audio message in the page's background, one that reads out its popup warning, just in case the victim needs an extra push to call the "technical support" number and pay a ransom or various useless fees.

RSA reports that the ransomware works on multiple browsers. It is easy to dismiss by closing the browser instance from the Windows Task Manager, but users who know how to do that are probably not the locker's targets to begin with.

The locker is stupid for tech-savvy users like us, but extremely effective with others

Like all scareware, the browser locker targets people with modest technical skills, usually elderly people with less experience in dealing with online shenanigans.

If you run into such a page, avoid calling the so-called support numbers it provides, and, as a general rule for Internet browsing, always have two browsers installed on your PC. If one gets locked, you can use the second to debug the problem without being locked out of the Internet, where most tutorials on how to "remove browser lockers" can be found.

The technique of using Microsoft as a front company to fool users into paying fake support fees is an old one. Just this October, Microsoft said it received over 175,000 user complaints about fake tech support scams.

Back then, Microsoft informed us that most complaints came from retired people, and it even held meetings with the AARP (American Association of Retired Persons), providing training to avoid such situations.

P.S.: Look at the image below, of the browser locker's popup message. Can you spot the wording that gives it away as a fake?

Answer
The message first says, "Windows(Microsoft) Computer," but then mentions "your Mac" later down the text. An obvious giveaway that it's a scam.
Browser locker popup message, on Firefox
