ClickFix Malware

I’m assuming we’ve all heard about ClickFix malware and how it works by tricking you into copying something into your clipboard.

Has anyone found a simple, clear explanation to share with family and friends about the attack vector? It is a hard one to explain to non-technical people. Especially since in some cases people are getting emails about legitimate hotel bookings warning them that there is a problem.

2 Likes

No. The best advice I can give is keep it simple. “Never use the Run command”, “Never use the Terminal”, etc.

I encountered my first “virus” in the mid 90’s when a user called saying all his Excel spreadsheets were being saved as template files. As I recall, that was a proof-of-concept macro that Microsoft had accidentally distributed on a CD.

Almost no one really listened when we warned them of email-borne threats. So I used to quarantine incoming emails containing several types of files. Just so users would have to log into our email firewall to retrieve the messages. I hoped this extra step would remind them to think twice about opening attachments.

1 Like

Yes, and this malware is a bit more subtle. There will be some technical users who fall into its trap. Generic advice isn’t enough in this case.

1 Like

I understand, it can be very difficult to spot a phishing attack. When in doubt I’ve examined email headers, but that’s not an option for most people.

Some email providers now offer advanced phishing/malware protection for their paid accounts. And, IMO, it may be time for Mac users to start using antivirus.

If I am reading this correctly, it requires that people paste a string into the terminal… Correct?

I could be wrong, but I find it very hard to believe that any technical users are going to arbitrarily copy and paste text from a CAPTCHA into a terminal.

For non-technical users, isn’t it enough to tell them that anything that requires you to put something into the terminal is likely a scam?