A new scam called ClickFix is targeting users and is on the rise in the United States. As its name suggests, it prompts you to click on a link claiming to solve your problem, but actually infects your computer with malware.
We’ve previously reported on this, detailing how attackers can use messages disguised as Google Chrome, Microsoft Word, and OneDrive errors to infect users’ computers.
A similar type of attack is currently affecting Google Meet users, whether they use a Windows PC or a Mac. We explain how this cyberattack works and what you can do to protect yourself.
We’re giving away a $500 gift card this holiday season.
How Google Meet traps work
According to French cybersecurity company Sekoia, it all started with an email containing a link to Google Meet. Emails can come from any address and may be socially engineered to appear affiliated with your organization. You can link to Google Meet invitations to meetings, webinars, online collaboration, and more. Once you click on the link, you will be redirected to a fake Google Meet page that will immediately display a warning claiming that there is a problem with your PC. Your microphone or camera may not be working, or there may be an issue with your headset.
What is artificial intelligence (AI)?
These fake meeting emails are expected to contain the following URLs:
meets(.)google(.)us-join(.)com
meets(.)google(.)web-join(.)com
Meet(.)googie(.)com-join(.)us
meets(.)google(.)cdm-join(.)us
The fake page also displays a pop-up to troubleshoot the issue, displaying phrases such as “Press a key combination” or “CTRL+V.” If you follow these instructions, malicious code will be pasted into your Windows prompt, infecting your computer with malware. Once the code is on your computer, hackers can gain access to your cryptocurrencies, sensitive files, and personal information.
Sekoia discovered several other malware distribution clusters in addition to Google Meet. These include platforms such as Zoom, PDF readers, fake video games (such as Lunacy, Calipso, Battleforge, and Ragon), Web3 browsers, projects such as NGT Studio, and messenger apps such as Nortex.
Prevent people nearby from hearing your voicemails with this simple tip
big picture
In July, McAfee noticed an increase in ClickFix campaigns, particularly in the US and Japan (via Bleeping Computer). Recently, two groups have been responsible for some of these attacks: Slavic Nation Empire and Scamquerteo. Both are said to be offshoots of larger cryptocurrency fraud groups Marco Polo and Cryptolab.
Earlier this year, Proofpoint discovered malware circulating that disguised as fake Google Chrome, Word, and OneDrive error messages to trick people into downloading malicious code. He also pointed out a technique known as “email lure,” in which hackers send fake emails disguised as MS Word to infect computers.
CLICK HERE TO GET FOX BUSINESS ON THE GO
Best antivirus products for PC, Mac, iPhone, and Android – Cyberguy’s picks
4 ways to protect yourself from harmful software
Fake Google Meet pages create a sense of urgency, leading users to click on links and unknowingly compromise their devices. There are several steps you can take to protect yourself from such cyber attacks.
1. Use strong antivirus software: The best way to protect yourself from clicking malicious links that install malware that can access your personal information is to install antivirus protection on all your devices. It is to do. This can also alert you to phishing emails and ransomware scams. Check out my picks for the best antivirus protection products of 2024 for your Windows, Mac, Android, and iOS devices.
2. Monitor your accounts: Regularly review your bank statements, credit card statements, and other financial accounts for fraudulent activity. If you notice any suspicious transactions, report them to your bank or credit card company immediately.
3. Issue a fraud alert: Contact one of the three major credit bureaus (Equifax, Experian, or TransUnion) and request that a fraud alert be placed on your credit file. This makes it more difficult for identity thieves to open new accounts in your name without authentication.
4. Enable two-factor authentication: Enable two-factor authentication whenever possible. This provides an extra layer of security by requiring a second form of authentication, such as a code sent to your phone, in addition to your password.
How to remove personal data from the Internet
Cart important points
Hackers have come up with sneaky ways to trick users into installing malware. They use social engineering to make emails and website prompts appear legitimate, hoping that you will click on the link and follow the instructions. The best way to protect yourself is to avoid unknown links and always check the URL of the page you are viewing before taking any action.
CLICK HERE TO GET THE FOX NEWS APP
Have you ever received a seemingly legitimate email or prompt that looks suspicious? Email us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, visit Cyberguy.com/Newsletter and subscribe to my free CyberGuy Report newsletter.
Ask Kurt a question or let us know your story you’d like us to cover.
Follow Kurt on his social channels.
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.