Google Chrome users are the latest group to be targeted by a scam enticing them into copying and pasting malicious malware onto their computers.
Cybersecurity experts Proofpoint have warned users to be on the lookout for pop-up notifications saying there’s an error when trying to open a document or web page.
A Proofpoint spokesperson said the pop-up box can be found in the PowerShell terminal or in Windows[実行]You mentioned that you want to prompt the user to paste the text into a dialog box.
“While the attack chain required significant user interaction to succeed, the social engineering was sophisticated enough to present someone with both a real problem and what appears to be a solution at the same time,” the spokesperson said.
“This is cause for alarm, but the scam is sophisticated enough to trick unsuspecting users into thinking they’re solving their problem.”
Proofpoint claims the attacks, which were first detected in March, are the work of spam distributors TA571 and ClearFake.
“They are known for their mass spam campaigns and fake update threats,” the spokesperson said.
The malware installed through these attacks focused on credential theft and fraudulent cryptocurrency transactions.
To avoid getting scammed, Proofpoint recommends never giving out personal or financial information to strangers.
Never click on links or open attachments from unknown senders in emails, texts, on social media or online.
If the verification email contains spelling or grammar mistakes or an inaccurate domain name, the message is more likely to be a scam.
Always be cautious when ordering from websites you have never heard of and only communicate with organizations through official channels on the company website, never replying directly to emails or clicking on any links provided.
Don’t share your passwords with others, change them regularly, and consider using a password manager to prevent identity theft.
Be wary of emails or phone calls you weren’t expecting.
