Google Chrome Users Targeted in New Scam: What You Need to Know
Google Chrome users are the latest to be targeted in a sophisticated scam that tricks them into copying and pasting malicious malware onto their computers.
Beware of Popup Notifications
Cybersecurity experts are warning users to be cautious of popup notifications that claim an error has occurred while trying to open a document or web page. These popups instruct users to paste text into a PowerShell terminal or Windows Run dialogue box.
Clever Social Engineering
"Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously," explained a spokesperson.
The scam is designed to deceive unsuspecting users into thinking they are solving a technical issue.
Who is Behind the Attacks?
The attacks, first detected in March, are attributed to spam distributor TA571 and ClearFake. "They are known for high-volume spam campaigns and fake update threats," the spokesperson added. The installed malware primarily focuses on credential theft and fraudulent cryptocurrency transactions.
How to Protect Yourself
To avoid falling victim to such scams, follow these key tips:
- Never share personal or financial information with someone you do not know.
- Never click links or open attachments from unknown senders on email, text, social media, or online.
- Spelling and grammatical errors in confirmation emails or inaccurate domain names usually indicate the message is a scam.
- Be cautious when ordering from unknown websites and only communicate with organizations through official channels on company websites; do not reply directly to emails or click on provided links.
- Do not share passwords with others and ensure you change them regularly. Consider using a password manager.
- Pay attention to unexpected emails or phone calls.
By following these best practices, you can minimize the risk of falling victim to this and other scams. Stay vigilant and always verify before taking any suggested actions.
