Trend Micro has found a new tech support scam that abuses HTML’s Inline Frame element (iframe) along with authentication pop-ups to freeze victims’ browsers by trapping them in a type of loop. The web page imitates a Microsoft support page and presents users with two pop-ups.
One offers a phony Microsoft support phone number, while the other prompts users to log in. When users click the “cancel” button on the login prompt, they’ll be sent back to the initial URL, which will trigger another pop-up. This is achieved by setting the page’s showLogin as an iframe.
Trend Micro’s researchers think the scam is most likely distributed through advertisements. They emphasize that these scams rely on users’ fear arising from their seeming inability to recover their browsers.
“As has been highlighted in this new campaign, users can look out for suspicious characteristics of a webpage, such as unfamiliar URLs, pop-ups asking for authentication, or any sort of information and messages that raise panic and alarm,” they write.
In this case, users can close the browser from the task manager and then scan their systems for malware. New-school security awareness training can teach your employees to recognize the signs of these scams and remain calm when they encounter them. And remember, just close the browser. The scammers have got nothing on you.