A new online scam targeting Israelis and others abroad makes use of the Israeli police to convince users their computer has been arrested. But its not really new. In fact, there's even a name for it: police browser locker, in which scammers try to extort money from computer users by throwing onto their screen what looks like a notice from law enforcement saying the police have locked their browser due to illicit activity and they must pay a fine to unlock it. Don't worry, your computer is fine.
When a victim is targeted by this attack, their browser sounds a loud alarm and shows what appears to be the Israel Police website, with a message saying the browser has been blocked because it was used for illegal activity and can be unlocked immediately by paying a fine via credit card. If the user tries to close the window by clicking the X of the browser tab or typing in a different url in the address bar, a (fake, of course) warning appears, threatening arrest.
Of course the threats aren't real, and in fact no one has done anything to your computer except to put a fake image on it. The solution is incredibly simple: Press F11 to exit full-screen mode and close the browser tab, or Alt+F4 to close the browser entirely.
Shaul Greenfeld who found the case and wrote on Twitter the source infecting some of the users’ browsers was one of the websites hosting the Pirate Bay site, a popular downloading website that can be accessed through any one of hundreds of “mirror” sites.
What the scammers have done is to exploit a minor vulnerability in Chrome that allows programmers to give a command to run the browser in full-screen mode automatically. It works in the exact same way for users who can enter and exit the mode by pressing your keyboard's F11 key. Programmers use the feature for a variety of purposes, such as enabling users to watch videos on the entire screen, but unfortunately bad actors can use it as well.
Hackers will use the trick to display a full-screen image of a Windows desktop with the browser open in full-screen mode, complete with the Microsoft Windows icon at the bottom and other elements of the desktop, and showing a screenshot of the Israel Police website – albeit with completely bogus content. The use of full screen mode unbeneknos to users makes it seem the entire computer is locked, when all they are seeing is just an image.
Most users won't notice the small message prompted when your browser enters full-screen mode, nor the fact that what they're seeing is a fake screen grab. They might actually believe that the police or a hacker has taken control of their computer. Even if they decide not to pay the "fine," they'll stress needlessly.
The malware containing the script that runs the scam can get to legitimate websites in a variety of waves, from shady ad servers to attacks on the websites. So if you’ve seen this screen it does not even mean your computer has been infected. Like with passwords, remember that the police will never ask you for your credit card details and any such demand is a scam.