Beware! Fake Chrome error messages trick users into installing malware
What's the story
Cybersecurity experts have warned that Google Chrome users are being targeted by a sophisticated scam, that tricks them into copying and pasting malicious malware onto their computers. The scam involves popup notifications falsely claiming an error has occurred while trying to open a document or web page. According to cybersecurity firm Proofpoint, the popup box instructs users to paste text into a PowerShell terminal or Windows Run dialog box.
Social engineering
Scam exploits user interaction, mimics genuine problem
The spokesperson for Proofpoint explained that the scam requires significant user interaction to be successful. The social engineering involved is clever enough to present someone with what appears to be a real problem and solution simultaneously. Despite the suspicious nature of these instructions, the scam is sophisticated enough to deceive unsuspecting users into thinking they are solving a problem.
Cyber threats
Spam distributors identified as culprits behind attacks
Proofpoint has identified spam distributor TA571 and ClearFake as the entities behind these attacks, which were first detected in March. "They are known for high-volume spam campaigns and fake update threats," said the spokesperson. The malware installed through these attacks primarily focuses on credential theft and fraudulent cryptocurrency transactions.
Scam prevention
Proofpoint advises caution to avoid falling victim
To protect against such scams, Proofpoint advises users never to share personal or financial information with unknown individuals. Users should avoid clicking links or opening attachments from unknown senders in emails, texts, social media messages, or online. The cybersecurity firm also recommends being cautious when ordering from unfamiliar websites, and only communicating with organizations through official channels on company websites.