ClickFix Exploits Users with Fake Errors and Malicious Code

A new social engineering tactic, known as ClickFix, has emerged, using deceptive error messages to prompt users to run harmful code.

The Sekoia Threat Detection & Research (TDR) team has recently detailed this tactic – first discovered by Proofpoint in March – in a new report published earlier today. This approach, called ClearFake, encourages users to copy and execute malicious PowerShell commands, enabling cybercriminals to infect users’ devices.

ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom, often mimicking error notifications on video conferencing pages to lure users.

See more: https://www.infosecurity-magazine.com/news/clickfix-fake-errors-malicious-code/

#cybersecurity #clickfix