What is a browser locker? Why should you care?

The holidays are the time for giving and receiving, but that offer for a free virus scan isn’t a Christmas gift from your friends on the Internet.

***************************************

One morning, an employee of a large company gets a pop-up in his browser, disallowing any other activity, stating his computer was locked and infected. The app suggests it perform a scan to clean it up. All he has to do is sign up.

The site looked legitimate to this unsuspecting user, so he entered a username and password and, as directed, downloaded software to his computer, which looked to him to be performing a scan. Indeed, it was. Unbeknownst to him, it was scanning for, and copying usernames and passwords and spreading to other computers in the company for the same. When it finished, everything closed, and the user was told the malware had been found, isolated, and removed. The pop-up went away.

Later that day, the stolen usernames were used to plant ransomware, leaving this company stranded and near hopeless for several days.

So.. what is a browser locker, and why should you care?

A browser locker, also known as a browser lock screen or browser locker scam, is an online scam that attempts to deceive users by displaying fake error messages or warnings on their web browsers. These scams often aim to trick users into taking certain actions, such as scanning a computer, calling a fake tech support number, or paying money to resolve a non-existent issue.

Here's how a typical browser locker scam works:

·      The Initial Trigger: Users may encounter a browser locker when visiting certain websites or clicking malicious ads. These websites are designed to trigger the scam when users access them.

·      Fake Warning Message: Once triggered, the browser locker displays a fake warning message that appears to be from a legitimate authority, such as a government agency, law enforcement, or a well-known company. The message often claims that the user's computer is infected with malware, involved in illegal activities, or facing other critical issues.

·      Locking the Browser: The scam may attempt to lock the user's browser, preventing them from closing the tab or navigating away from the page. This creates a sense of urgency and panic, making users more likely to fall for the scam.

·      Instructions to Call a Number or Pay Money: The fake warning message typically instructs on resolving the supposed issue. This may involve calling a tech support number (often a fake support line) or paying a certain amount to unlock the browser.

·      Social Engineering Tactics: Scammers often use social engineering tactics to create a sense of urgency and fear. They may claim that failure to take immediate action will result in severe consequences, such as legal action or permanent computer damage.

Here’s what we recommend:

·      Avoid Suspicious Websites: Be cautious when visiting unfamiliar or suspicious websites, especially those that prompt you to download software or provide personal information.

·      Use Security Software: Ensure your computer has reputable antivirus and anti-malware software installed to help detect and prevent such scams. When we receive a call to our Virtual CISOs™ requesting help, Trusted Internet recommends using Sophos Intercept X. It’s a low-cost, easy install and runs on Mac or PC, iOS, and Android. Buy it directly through Sophos, or contact Trusted Internet for a 24x7 managed, monitored 30-day trial.

·      Keep Browsers Updated: Regularly update your web browser to the latest version, as updates often include security patches that protect against known vulnerabilities.

·      Use Ad Blockers: Consider using ad-blocking extensions in your browser to reduce the risk of encountering malicious ads.

If you encounter a browser locker scam, do not follow the instructions on the fake warning message. Instead, close the browser tab or window and run a full antivirus scan on your computer to ensure it is not infected with malware. If you're unsure about the legitimacy of a warning message, contact your information security, IT, or Trusted Internet for expert help rather than using any contact information provided by the suspicious message.

Need help? Schedule a no-cost 30-minute consult with one of our Virtual CISOs™; contact your assigned Virtual CISO™ or reach out to us at staysafeonline@trustedinternet.io