New scam hijacks Chrome browser to steal your personal data

Google-Chrome-UK

TechViews News   …..

Google Chrome browser is once more under attack from scammer. This time, the browser is completely hijacked and locks up your computer, trying to get you to give your credit card information to bogus technical support. This used to be a scam that was targeting users of the Internet Explorer browser, but now the scammers have moved on to Google Chrome as well.

As in the Internet Explorer version, it starts with a fake error message. “The bug that it triggers is more than just an annoyance in the sense that it will render your Chrome browser frozen and unresponsive,” says Jerome Segura, Lead Intelligence Analyst at Malwarebytes.

But in Chrome’s case it gets even worse. “In our tests, it also caused the Windows operating system to become unstable if we let it continue to run for more than just a few minutes,” Segura said.

To recover, people on Windows machines generally use the Windows Task Manager to terminate the browser processes. Manually shutting down the entire browser can be a problem because the user risks losing any unsaved work and login information contained in any open windows.

After the malicious code locks the browser, the fake warning tries to trick a user into calling a number. Then, a person posing as a company representative – from, for example, a well-known American technology company – asks for sensitive personal or financial information to fix the bogus issue.

“That’s where it does become a serious issue for the individual,” says Inga Goddijn, executive vice president at Risk Based Security. “These messages are purposely designed to cause fear and provoke users into turning over sensitive information or in some cases even control of their computer. From there, the scammers really are in the driver’s seat.”

There are other variants of the scam too. For example, one that also locks up the browser offers fake deals, such as a gift card to Amazon, Best Buy, or Lowes. Those gift cards are bogus as well.

The issue was covered in a blog post last week by Malwarebytes, which was cited in a report by Ars Technica.

Is there a fix the problem?

Not really. There are ways to handle the lock-up after it has happened, but no way to actually block the malicious code from running has been developed yet.

In Windows, you can use the Task Manager to “end task” and terminate the browser. But there are dangers to that, as I mentioned above.

Also be aware that this new scam comes with a twist — it causes the malicious page to return and lock up the browser each time you re-open it. So users will have to reset their browser so it won’t open to the last opened page.

No legitimate company will lock up your browser

Finally, it’s important to remember that no legitimate company would ever intentionally freeze a browser and force a user to reveal sensitive personal information.

Large tech companies do not send unsolicited messages or make unsolicited phone calls in order to obtain personal or financial information. Therefore, it’s important not to provide any personal information in the case of unsolicited requests.

Be Safe – Backup Your Data Regularly!

**********

And don’t forget to take advantage of our FREE subscription to the TechViews News Updates. You will receive all of our updates and posts the moment they are published.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s