A new scam called ClickFix is targeting users and is on the rise in the United States. As its name suggests, it prompts you to click on a link claiming to solve your problem, but actually infects your computer with malware.
I I reported on this earlierdetails how attackers used messages disguised as Google Chrome, Microsoft Word, and OneDrive errors to infect users’ computers.
A similar type of attack is currently affecting Google Meet users, whether they use a Windows PC or a Mac. We explain how this cyberattack works and what you can do to protect yourself.
We’re giving away a $500 gift card this holiday season.
woman working on laptop (Kurt “Cyber Guy” Knutson)
How Google Meet traps work
According to the French Cybersecurity company SekoiaIt all starts with an email containing a link to Google Meet. Emails can come from any address and may be socially engineered to appear affiliated with your organization. You can link to Google Meet invitations to meetings, webinars, online collaboration, and more. Once you click on the link, you will be redirected to a fake Google Meet page that will immediately display a warning claiming that there is a problem with your PC. Your microphone or camera may not be working, or there may be an issue with your headset.
What is artificial intelligence (AI)?
These fake meeting emails are expected to contain the following URLs:
meet[.]google[.]we participate[.]com
meet[.]google[.]Web participation[.]com
meet[.]Googie[.]com join[.]us
meet[.]google[.]cdm-combine[.]us
The fake page also displays a pop-up to troubleshoot the issue, displaying phrases such as “Press a key combination” or “CTRL+V.” If you follow these instructions, malicious code will be pasted into your Windows prompt, infecting your computer with malware. Once the code is on your computer, hackers can gain access to your cryptocurrencies, sensitive files, and personal information.
Sekoia discovered several other malware distribution clusters in addition to Google Meet. These include platforms such as Zoom, PDF readers, fake video games (such as Lunacy, Calipso, Battleforge, and Ragon), Web3 browsers, projects such as NGT Studio, and messenger apps such as Nortex.
Fake Google Meet page (Sequoia)
Prevent people nearby from hearing your voicemails with this simple tip
big picture
In July, McAfee noticed an increase in ClickFix campaigns, particularly in the US and Japan (via computer that rings). Recently, two groups have been responsible for some of these attacks: Slavic Nation Empire and Scamquerteo. Both are said to be offshoots of larger cryptocurrency fraud groups Marco Polo and Cryptolab.
Earlier this year, Proofpoint discovered that: Malware was spreading under the guise of a fake error message Trick people into downloading malicious code for Google Chrome, Word, and OneDrive. He also pointed out a method known as “email lure,” in which hackers send fake emails disguised as MS Word to infect computers.
CLICK HERE TO GET FOX BUSINESS ON THE GO
fake page request (Sequoia)
Best antivirus for PC, Mac, iPhone, and Android – Cyberguy’s pick
4 ways to protect yourself from harmful software
Fake Google Meet pages create a sense of urgency, leading users to click on links and unknowingly compromise their devices. There are several steps you can take to protect yourself from such cyber attacks.
1. Use strong antivirus software. The best way to protect yourself from clicking on malicious links that install malware that can access your personal information is to install antivirus protection on all your devices. This can also alert you to phishing emails and ransomware scams. Get my picks for the best antivirus protection products of 2024 for Windows, Mac, Android, and iOS devices.
2. Monitor your account. Regularly check your bank statements, credit card statements, and other financial accounts for fraudulent activity. If you notice any suspicious transactions, report them to your bank or credit card company immediately.
3. Send a fraud alert. Contact one of the three major credit bureaus (Equifax, Experian, or TransUnion) and request that a fraud alert be placed on your credit file. This makes it more difficult for identity thieves to open new accounts in your name without authentication.
4. Enable two-factor authentication. enable two-factor authentication as much as possible. This provides an extra layer of security by requiring a second form of authentication, such as a code sent to your phone, in addition to your password.
How to remove personal data from the Internet
Cart important points
Hackers have come up with sneaky ways to trick users into installing malware. They use social engineering to make emails and website prompts appear legitimate, hoping that you will click on the link and follow the instructions. The best way to protect yourself is to avoid unknown links and always check the URL of the page you are viewing before taking any action.
CLICK HERE TO GET THE FOX NEWS APP
Have you ever received a seemingly legitimate but suspicious email or prompt? Please let us know by emailing us. Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter using the link below. Cyberguy.com/Newsletter.
Ask your cart a question or let us know your story you’d like us to feature.
Follow Kurt’s social channels:
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.
