I've had quite a scare today - the second time this month. I tried browsing to speedtest.net to test my connection, and I must have mistyped something (the last time that happened, I mistyped "google"). Next thing I know, a site with a big, bogus blue screen opened, it threw up a popup and started talking the popup's content repeatedly. The tab was showing the "play" icon, as if Flash was played in it. The domain was "virus--alert--warning.com", and the number is a known spammer (how are these allowed to a hvae an 800 number???).
It could not be stopped - the tab could not be closed, and I could't click the Chrome close button, or right-click it in the task bar and close it (Windows 10). I had to resort to killing it through task manager.
I'm a very careful user - no extensions in my browser (other than Disconnect, uBlock Origin, and 3 extensions I developed), I never install anything I don't know, open an email I don't recognize, or follow shady links etc.
I ran Windows Defender, MalwareBytes and adwcleaner - all came up negative for malware or rootkits. Leaving me with my question: how can a website (using HTML, JS and probably Flash) create a situation where Chrome is stuck, repeatedly playing audio? Do I still have something on my computer that I missed, or was this done entirely in the browser?