Scams have been in existence from the earliest days of human civilization but technology and the Internet have given less conscientious agents a broader and longer reach than ever before. Such scams cove a wide variety of techniques and consequences, ranging from the annoying to the destructive. A new breed of scams is now starting to go around affecting Firefox users that, while not entirely destructive, may appear so legitimate that it will scare users into some harmful reaction.
On the surface, the Firefox bug that enables these scams is a simple one. It basically locks users out of their browsers by preventing any form of action to be taken, including closing the tab or simply closing the browser itself. The only way to end the freeze is to force close Firefox using Windows’ or macOS’ system tools that most users probably know nothing about.
What makes this bug harmful in practice is how scammers are able to trigger it simply by getting users to load a web page, one that’s obviously designed to look legit. Throw in a scary warning about some illegal activity detected, like a pirated Windows license, and a toll-free number to call and you’ve got the ingredients for what could look like some ransomware.
Mozilla is already aware of the bug and is working quickly to patch it up. Unfortunately, there is no update scheduled yet that will bring this fix to users immediately. Making matters worse is the fact that bug is being exploited in the wild right now.
The immediate fix is to close the tab that is triggering the bug but that’s easier said than done. Forcibly closing Firefox and restarting it may be enough, provided the browser isn’t set to reopen previously closed tabs. The problem, however, is that regular users may not be aware of that and will immediately panic and do what the warning tells them to.