ClickFix is a social engineering tactic that deceives users into infecting their own machines under the guise of fixing issues. It emerged in early 2024 and is delivered through varied infection methods such as phishing and malvertising. Victims follow instructions that lead to a malicious command being executed on their systems. The technique has caused widespread incidents, labeled CAPTCHAgeddon, and is used by cybercriminals and state actors alike. ClickFix has proven more effective than previous scams by eliminating file downloads and using advanced social engineering methods.
"Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web just last year."
"It did so by removing the need for file downloads, using smarter social engineering tactics, and spreading through trusted infrastructure. The result - a wave of infections ranging from mass drive-by attacks to hyper-targeted spear-phishing lures."