Routine web browsing is often interrupted by numerous pop-up messages warning you of a potential virus on your device. Even trusted websites are filled with aggressive ads that block access to the content you need. You click or tap the tiny ‘X’ in the corner of the notification, but sometimes, it redirects you to other intrusive websites. Dubious gambling site sign-ups, adult content, and fake anti-virus software offers line up, ready to trap their next victim.
In reported incidents, victims were accused of viewing illegal content and were informed that their systems had been “locked” or “blocked.” Soon enough, panic sets in, and you are ready to comply with the demands of these unknown authorities.
This is one of the many tactics from the cybercriminals’ playbook that reappear from time to time. We decode the scam to help you avoid costly mistakes.
Modus Operandi
Setting the Bait: Cybercriminals use vulnerability scanning tools across numerous websites to identify security weaknesses. These can include outdated plugins and content management systems, open upload areas without proper checks, or misconfigured cloud storage. It allows hackers to sneak in malicious code/script, files, links, or spammy pages, which can get indexed by Google.
Malvertising: In other cases, cybercriminals can also buy ad space while posing as genuine advertisers and publish harmless ads for approval. Once given the nod, they swap these ads with malicious ads that redirect you to spam website pages.
Fake Alert: Once you visit a compromised webpage, it immediately shows pop-up notifications that mimic real system messages or official warnings. It may display a banner saying “Security Alert”. The common tactic of cybercriminals is to claim you’ve been caught viewing pornography or participating in gambling.
System Locked: The displayed message will claim your system or device has been “locked” and threaten arrest by the police under various sections of the Indian Penal Code (IPC) or Bharatiya Nyaya Sanhita (BNS). It may also claim that there is video or photo evidence of you browsing illicit sites via your webcam. There is no footage, and this threat is used to coerce victims into compliance.
Pay Now or Face Action: The message further informs you that to avoid arrest or any other action, you must pay a hefty fine immediately.
Red Flags
Pop-up or alert messages claiming to be from the government or police demanding payments for alleged “illegal activities”.
Countdown timers and urgent messages threatening action if the fine remains unpaid within the next few minutes.
Generic or unofficial wording of messages with grammatical or spelling errors. Inconsistent or forged logo and usage of low-resolution images (if any).
What To Do
Do Not Engage: Scammers instil panic and urgency that makes you transfer money immediately, and thus, it is crucial to pause for a minute and calm yourself down.
Shut Browser: Instead of clicking on any link, close your browser. If it refuses to shut down, simultaneously press Ctrl+Alt+Delete (Windows) or Force Quit (Mac).
Quick Scan: Run your trusted anti-virus to scan and eliminate any malicious adware or scripts that might have been installed on your device.
Block: Adjust your browser settings by reviewing your privacy, security, and site options, which enables you to block pop-ups and manage redirects.
Notify: If you made any transactions to the scammer, alert your bank immediately. If you used any debit or credit cards to make payments, it is recommended to block them and change your net banking passwords.
Report: Report the incident as soon as possible through a government portal, such as Chakshu (https://sancharsaathi.gov.in/sfc/), or the national cybercrime helpline at 1930. You can also lodge a complaint with the local police station.
Share: Inform your circles and communities about the scam and ask them to be cautious of any such alerts.
The Quint's Scamguard initiative aims to keep up with emerging digital scams to help you stay informed and vigilant. If you've been scammed or successfully thwarted one, then tell us your story. Contact us via WhatsApp at +919999008335 or email us at myreport@thequint.com. You can also fill out the Google form and help us take your story forward.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)