DIRTY TRICKS [Way Before Treat Or Trick Happens]!
All throughout my boyhood, I always heard from my grandma, my parents and even from school that GOD NEVER SLEEPS. And obviously, I believed them hook, line and sinker. BUT please DON'T get me wrong as I am NOT disowning my age-old concurrence BUT is there anyone in our thread now WHO will disagree with me that SCAMMERS NEVER SLEEP? YES, I can stand four-square behind my supposition because DIRTY TRICKS [Way Before Treat Or Trick Happens] are with us again [even as we speak]. And hey, you're spot on, they are burning the midnight oil to be a hundred or a zillion steps ahead of the technology pack. BUT WHAT's scarier is that they have become so creative๐๐๐
Breaking news yesterday, a new malware distribution campaign uses FAKE [yes, FAKE indeed] Google Chrome, Word and OneDrive errors to trick users into running malicious 'FIXES' !@#$%? that will eventually install malware. And WHAT complicate things, that new campaign was observed being used by multiple 'threat actors' including those behind ClearFake, a new attack cluster called ClickFix and that TA571 threat actor๐ฆ๐ฆ๐ฆ
This latest attempt to lure Chrome end-users to install that malicious malware on their computer comes in the form of FAKE ERRORS. And YES, those same FAKE ERRORS have been replicated across even to Word and OneDrive. And these threat actors also utilize JavaScript in HTML attachments [Ouch, please DON'T be so speedy to click and download those attachments and later on, those errors will prompt end-users to click a BUTTON to copy a supposed 'PowerShell FIX' into the clipboard and then paste and run it in a "RUN" dialog, whew๐ฅ๐ฅ๐ฅ
YES, WHAT error display that can throw us off from our chair the moment we receive that 'NO INTERNET' blackened screen! Because that sets us up to be pushed into PANIC mode and although that 'ATTACK CHAIN' requires significant user interaction to be successful, today's social engineering is so damn clever to present someone with WHAT looks like a real problem and solution rolled into one❌❌❌
Pasted herein is a latest sampling of that FAKE Google Chrome error prompt that seems, sounds and looks so user-friendly so as to instantly offer an INSTANT SOLUTION. Our takeaway: Beware of these SCARE TACTICs of scammers WHO intend to hit us [and hit us hard] via our Achilles Heel. And the bottom line here is that we need to keep up with the frenetic pace of these scammers before we end up as their latest prey in this damning vicious cycle๐๐๐