Cybersecurity experts are cautioning about a new website scam targeting millions of people. Google Chrome users are at risk of a copy-and-paste scam that downloads harmful malware. The warning comes from Proofpoint, a cybersecurity company, that states, “Researchers identified an increasingly popular technique leveraging unique social engineering to run PowerShell and install malware.”
Cyber attacks are on the rise. The Identity Theft Research Center (ITRC) Annual Data Breach Report for 2023 reveals alarming statistics. According to their research, the United States experienced an astonishing surge in data compromises, reaching a record high—a 72 percentage point hike from the previous all-time high set in 2021. Last year alone, 353 million people were impacted.
Here’s what to know about the latest scam and how to stay safe.
RELATED: What Does a Credit Card Skimmer Look Like? 7 Ways to Spot One.
Google Chrome is the Top Internet Browser
Shutterstock
Google Chrome is the top internet browser, with Safari claiming the second spot, according to Statista. “Between July and August 2023, Chrome was used by 63.6 percent of internet users worldwide,” which means 3.45 billion people are at risk of the copy-and-paste scam.
Directs Users to Copy and Paste
Shutterstock
Unsuspecting Google Chrome users are the target of the copy-and-paste scam that installs malware focused on stealing personal information.
“Threat actors, including initial access broker TA571 and at least one fake update activity set, are using this method to deliver malware, including DarkGate, Matanbuchus, NetSupport, and various information stealers,” Proofpoint stated in their warning.
Popup Textbox
Shutterstock
The scam involves a popup text box “that suggests an error occurred when trying to open the document or webpage.” The popup then offers the user instructions on copying and pasting the text given into a PowerShell terminal or Windows Run dialog box.
User Interaction is Needed to be Successful
iStock
The threat is designed to look harmless, and a user might be tempted to ignore the copy-and-paste request, but Proofpoint warns that “although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk.”
RELATED: If a Caller Asks You Any of These Questions, Hang Up Right Away, Officials Warn.
TA571 and ClearFake Are Responsible for the Scam
Shutterstock
Proofpoint took notice of the attacks in March and has been monitoring the situation.
“ClearFake is a fake browser update activity cluster that compromises legitimate websites with malicious HTML and JavaScript,” the company states. “They are known for high-volume spam campaigns and fake update threats.” TA571 distributes spam and specializes in “high volume spam email campaigns to deliver and install a variety malware for their cybercriminal customers.”
How to Avoid the Scam
Shutterstock
As scams become more complex and sophisticated, it’s important to stay vigilant and “maintain a healthy sense of skepticism,” Abhishek Karnik, McAfee’s Head of Threat Research, told Best Life.
“If an offer or urgent message seems too good to be true, it probably is. Scammers prey on emotions to rush you into making decisions without thinking. Always take a moment to assess the legitimacy of an offer and consider the source before proceeding.”
In addition, don’t install apps or updates unless you know they’re legit. You can check for reviews to ensure they’re real. Never click on links in an email that directs you to an app or update. Instead, use app stores or download the app to install the update. Don’t use third-party stores, and install a VPN. Protect your personal information at all times. Scammers are always lurking about trying to steal your info.