An article for Microsoft’s Technet describes a somewhat innovative tech support scam. It uses a script associated with the JS/Techbrolo family, known for its habit of generating fake alerts involving dialogue loops and audio messages. So far so average. But in this case, the pop-up isn’t a dialogue loop, but a website element of the scam page. If the victim clicks anywhere on the ‘dialogue box’ or anywhere else on the page, he or she is presented with what looks like a full-screen browser page open at something looking very much like a Microsoft support URL: however, it’s actually just another website element.
HT to David Bisson, whose Tripwire blog drew this to my attention: Tech Support Scam Uses Website Elements to Spoof Microsoft Support Page