Scammers are exploiting a bug on both the Mac and Windows versions of Firefox to dupe users into thinking their systems will be disabled if they don’t take action.
The scammers are abusing a bug in Firefox that for years allowed fraudsters to slug users with login prompt spam, presenting victims with continuous ‘authentication required’ prompts.
Users have reported seeing the following message appear on their screens after visiting a website like Please stop and do not close this PC… The registry key of your computer is locked.
Why did we block your computer? The Windows registry key is illegal.
The Windows desktop is using pirated software. This Windows desktop sends viruses over the Internet. This Windows desktop is hacked. We block this computer for your own safety.
The user is then instructed to call a 1-888 phone number in order to “contact Windows support.” Failure to do so within five minutes, the scammers warn, will result in the computer is disabled.
The number isn’t associated with Microsoft, and victims would likely be asked to pay the person on the other end of the line in order to resolve the fake issue.
The only way to get rid of the window showing the warning message is to “force-close the entire browser using either the Windows task manager or the Force Close function in macOS.
Firefox will reopen previously open tabs, resulting in an endless loop even then, the website adds. To resolve this problem, users must force-close Firefox and then, immediately upon restarting it, quickly closing the tab of the scammer site before it has time to load.
There is currently no fix for the bug, but it has been reported to Mozilla. In a statement, the company said it’s “working on a fix to the authentication prompt bug…that we expect to land in the next couple of releases (either in Firefox 71 or 72).”