Scammers have developed a new tactic that takes advantage of your web browser’s full-screen mode to show a fake Windows 10 desktop stating your computer is locked.
This type of scam is called a police browser locker.
The scam uses a screen which looks like law enforcement locking your browser due to illegal activity. The scams then state that if you pay a fine with a credit card, it will unlock your computer so you can use it again.
These types of scams are usually easy to detect since they use fake or suspicious URLs. They also allow you to use other apps on your computer even if the browser is locked.
Because these hackers know this, they have taken an extra step.
The attackers are tricking web users into visiting fake sites that display a full-screen image of a Windows 10 desktop with the Chrome browser open.
These fake Windows 10 desktop images will fill up the entire screen and pretend to display the web site for the country’s local police force. As the attackers are just displaying an image, they can also display the legitimate government URL to make it more convincing.
These fake web sites state that the police locked the user’s computer for conducting illegal activities such as viewing and disseminating pornographic images of children, zoophilia, and rape. Victims are then prompted to enter their credit card details to pay a fine of approximately $800.
When displaying these screens, the scam will show different law enforcement web sites and languages depending on the URL visited or possibly what country you’re from.
Malwarebytes report this scam targeting web users from Qatar, UAE, Oman, Kuwait, and France.
French Police browser locker.
hosted on 193.35.50[.]253.
— MB Threat Intel (@MBThreatIntel) December 20, 2019
Here’s an example of some of the text shown in the UAE variant of this scam.
“Your browser has been locked due to viewing and dissemination of materials forbidden by law of [country], namely pornography with pedophilia, rape and zoophilia.
In order to unlocking you should a [amount] [currency] fine with Visa or MasterCard.
Your browser will be unlocked automatically after the fine payment.
Attention! In case of non-payment of the fine, or your attempts to unlock the device independently, case materials will be transferred to [police_force_name] for the institution of criminal proceedings against you due to commitment a crime.”
If you enter your credit card details into this form, the attackers will automatically steal the payment information.
What makes this new variant of the police browser locker so clever and effective is that when the image is shown by the browser in full-screen mode it overlays the entire screen, including the normal Windows 10 desktop.
This can cause users to think that the fake Windows 10 desktop image is their normal desktop. The difference, though, is that clicking on the Start Menu, closing apps, or starting new ones will not work.
REMEMBER Law enforcement will never lock your browser like this and then demand a fine be paid online.
If you ever see a message on your screen like this, press Alt+Tab to see if you can get back to your normal desktop or press Ctrl+Alt+Delete to open the Task Manager and terminate any browser processes.