Browser Lock Scams
Pages that fake a 'locked' or 'frozen' computer to force a call to fake support.
Last reviewed: 1 June 2026
What this scam is
Browser lock scams display a full-screen webpage designed to look like a genuine operating-system security lockout or a law enforcement block. The page claims your computer has been locked due to a virus, illegal activity, or a data breach, and instructs you to call a phone number to resolve the situation. The page is specifically designed to feel like it is beyond your ability to dismiss or ignore.
Despite the appearance, these are entirely browser-based pages. Your computer has not been locked, no authority has frozen your device, and no genuine virus has been detected. The alarm sounds and official-looking imagery are produced by a webpage using standard web technologies, not by your operating system.
The scam is closely related to fake antivirus scams and fake tech support calls — it is essentially a pop-up that has been engineered to be more difficult to dismiss, used as a higher-pressure gateway to a phone-based support scam.
How it works
The lock page is triggered by a malicious advertisement on a website you are visiting, or by visiting a compromised site directly. The page uses JavaScript to enter browser full-screen mode and may disable or appear to disable the ability to navigate away, close the tab, or use the browser's back button.
The page displays alarming content: a warning in official-looking design claiming your device has been locked by a security authority, Microsoft, Apple, or a law enforcement body. A phone number is prominently displayed as the only route to resolution. The page often plays audio — an alarm sound, a repeating voice warning, or both — to heighten urgency and make it uncomfortable to remain at the computer without acting.
Some variants include a countdown timer, after which they claim your data will be deleted or your device permanently disabled. Others display a fake 'case number' to add an air of bureaucratic legitimacy.
When you call the number, you reach a fake support line. The caller will confirm the 'lock' and offer to fix it remotely — requesting that you install remote-access software. From there, the scam proceeds as a standard remote-access fraud: the caller accesses your banking, steals credentials, or charges for a bogus repair.
Why this scam works
The full-screen display and the prevention of normal navigation create a sense that something has genuinely happened at the operating-system level. Most people are unfamiliar with the fact that a browser page can enter full-screen mode and use JavaScript to make navigation difficult — so the experience feels like a genuine system event rather than a webpage.
The sounds and visual intensity make it uncomfortable to simply leave. The 'do not restart' instruction exploits uncertainty — if there really were a problem, would restarting make it worse? Most people do not know the answer and choose caution.
Claims of illegal activity add a layer of fear that goes beyond a simple infection warning — the suggestion of potential legal consequences pressures people to engage with the 'resolution' offered.
A typical pattern
A person browsing the internet encounters a page that fills their screen with a warning bearing official-looking logos, stating their device has been locked due to suspicious network activity. An alarm sound repeats. A prominent phone number is displayed. The person, uncertain whether the warning is real, calls the number. The caller confirms the 'lock' and asks them to install a remote-access tool. After connecting, the caller claims to see 'hacker activity' in system logs and charges a fee for the removal service. The person later finds that during the session, a bank transfer was initiated from their device.
Common red flags
- Full-screen 'your computer is locked' warning appearing suddenly in the browser
- Alarm sounds or voice message from a browser window
- 'Do not restart your computer' instruction
- Claims of illegal activity detected on your device
- A phone number prominently displayed as the only resolution
- Fake case number or official logo to appear legitimate
- Countdown timer claiming data will be deleted
- Inability to close the tab or navigate away
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Your computer has been locked due to suspicious activity. Call [phone number] immediately. Do not shut down.
WARNING: Your computer has been infected with spyware. Call Microsoft Support at [phone number] to restore access.
ILLEGAL ACTIVITY DETECTED: Law enforcement has temporarily restricted your device. Call [phone number] to verify your identity.
YOUR WINDOWS COMPUTER IS BLOCKED. Contact Windows Technical Support immediately at [phone number]. Do not restart.
SECURITY ALERT: Trojan virus detected. Your data is at risk. Call [phone number] within 5 minutes to prevent data loss.
ACCESS RESTRICTED: Your IP address has been flagged. Contact [phone number] to unlock your system.
Common variations
- Law enforcement lock — page claims government or police have blocked the device
- Microsoft/Apple lock — impersonates the device's operating system provider
- Virus lock — claims a severe infection has triggered an automatic lock
- Illegal content detected variant — particularly fear-inducing claim of illegal activity
- Pop-under variant — opens a lock page when you try to close the browser
- Audio loop variant — plays repeating alarm and voice warning to sustain pressure
How to verify before you act
The most important thing to know is that your operating system is never locked by a browser webpage. A genuine OS lockout does not display a phone number and does not produce alarm sounds through your speakers.
You can safely force-quit the browser. On Windows, press Ctrl+Alt+Delete and open Task Manager to close the browser process. On Mac, press Command+Option+Escape to open Force Quit. Alternatively, press and hold the power button to restart. None of these actions will cause any harm to your computer or data.
After force-quitting, reopen the browser and choose not to restore the previous session. The lock page will not reappear.
Law enforcement agencies do not lock computers via browser pages and do not provide phone numbers for you to call to unlock them.
Payment methods used
- Credit or debit card charged for bogus repair
- Remote-access theft from banking apps
- Gift cards
Who is usually targeted
- General browser users
- Older adults unfamiliar with browser mechanics
What to do immediately
- Do not call the phone number — it connects to a scam support line
- Try pressing Escape or F11 to exit full-screen mode
- Use Ctrl+W (Windows/Linux) or Cmd+W (Mac) to close the tab
- If the tab resists closing, force-quit the browser via Task Manager or Force Quit
- You can safely restart your computer — the warning is a webpage, not an OS lock
- Reopen your browser and choose not to restore the previous session
- Run a security scan if you downloaded anything from the page
How to prevent it
- Know that a webpage cannot lock your computer — any full-screen warning with a phone number is a scam
- Practise force-quitting your browser before you need to under pressure
- Use an ad blocker to reduce exposure to malicious advertisements that trigger these pages
- Keep your browser updated to reduce vulnerability to sites that exploit browser mechanics
- Tell family members — particularly older adults — how browser lock pages work before they encounter one
- Never call a phone number displayed on a browser warning
Evidence to preserve
- Screenshot of the lock page if possible
- The URL in the address bar
- The phone number displayed on the page
- Any case number or reference shown
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Is my computer really locked?
Almost certainly not — it is a web page pretending to be a system lock. You can safely close or force-quit the browser and restart your computer. Never call the number shown.
The page says 'do not restart' — should I follow that instruction?
No. Restarting is one of the safest things you can do. A genuine OS issue is not made worse by restarting, and a browser lock page is not a genuine OS issue — it will simply disappear.
The page mentioned illegal activity on my device — should I be worried?
No. Law enforcement does not communicate via browser pop-up pages, does not display phone numbers to call, and does not produce alarm sounds. These are scare tactics. The page is a scam.
Why can't I close the tab?
The page uses JavaScript to intercept navigation and may use repeated dialogue boxes to block you. Pressing Escape to exit full-screen then using keyboard shortcuts usually works. If not, force-quit the browser entirely — it is safe to do so.
I called the number and let someone onto my computer — what do I do?
Disconnect from the internet immediately, uninstall the remote-access software, contact your bank, and change your passwords from a clean device. See our remote-access scam recovery guidance.
How do I force-quit a browser?
On Windows: press Ctrl+Alt+Delete, open Task Manager, find the browser, and click End Task. On Mac: press Command+Option+Escape, select the browser, and click Force Quit. Both are safe — you will not lose anything important.