Tech Support Scam Asks for Passkey

Tech Support Scam Asks for Passkey

There are countless variations on tech support scam pop ups ranging from different colours, sounds, and of course alarming – but fake – messages.

This one is no different, building upon an existing scam template the crooks added a new ‘feature’. Instead of the constant barrage of pop ups that some browsers will eventually block as over obtrusive, it uses a different way to stall its victims:

scam

Indeed, it is asking for a ‘safe key’ in order to unlock your browser. This is very reminiscent of the browser locker (browlock) that uses a similar technique by asking for a voucher number.

The only difference here is the fact that their are very few instructions, other than a phone number to ‘get your safe key’. The screenshot above was taken on a Windows 10 machine running Edge, Microsoft’s latest browser. Using the X button at the top right corner or clicking on ‘Cancel’ multiple times does not close the browser.

People that feel stuck and are able to use the TaskManager to kill the browser’s running process may very well end up calling for assistance… except they’d be calling the scammers themselves!

Finding the passkey turned out to be easier than we thought. It was simply stored within the page’s source code within a JavaScript block:

passkey2

Entering that key within the window prompt results in the browser ‘unlocking’ itself. We can suspect that the technicians are already in possession of the key and will magically use it to ‘fix’ the victim’s computer.

There is nothing sophisticated with this attack and yet its simplicity also makes it powerful enough to be a problem for modern browsers by using legitimate JavaScript methods. And the crooks are laughing about it (see how they name the function that creates the warning ‘lol’ in the picture above).

As always the best course of action against these fake warnings is a good dose of common sense and calm. There are many ways to get rid of these messages without having to call or worse pay the scammers.

In the “Search the web and windows” box, simply type task manager and open the program. Then, select the Edge process and click ‘End task’.

For more information on tech support scams and how to deal with them, feel free to check out our help section.

ABOUT THE AUTHOR

Jérôme Segura

Principal Threat Researcher