U.S. News
New Scam Targets Millions of Google Chrome Users with Deceptive Malware Trick
Clear Facts
- Cybersecurity experts are warning about a new website scam targeting Google Chrome users, which downloads harmful malware.
- The Identity Theft Research Center’s 2023 report shows a 72% increase in data compromises in the United States from the previous high in 2021, impacting 353 million people last year.
- The scam involves a popup text box that tricks users into copying and pasting malicious code into a PowerShell terminal or Windows Run dialog box.
Cybersecurity experts are raising alarms about a new website scam that could potentially affect millions of Google Chrome users. This scam involves a deceptive copy-and-paste technique designed to install harmful malware on users’ systems.
Proofpoint, a leading cybersecurity firm, has highlighted this threat. They stated, “Researchers identified an increasingly popular technique leveraging unique social engineering to run PowerShell and install malware.”
The latest data from the Identity Theft Research Center (ITRC) underscores the growing threat of cyber attacks. Their 2023 Annual Data Breach Report reveals that data compromises in the United States surged by 72% from the previous high in 2021.
This alarming increase affected 353 million people last year alone.
Google Chrome remains the most popular internet browser, with 63.6% of global internet users relying on it between July and August 2023. This statistic translates to approximately 3.45 billion users who are now at risk from this new scam.
Proofpoint’s warning specifies that “Threat actors, including initial access broker TA571 and at least one fake update activity set, are using this method to deliver malware, including DarkGate, Matanbuchus, NetSupport, and various information stealers.”
The scam works by presenting a popup text box that claims an error occurred while trying to open a document or webpage. This popup then instructs users to copy and paste the provided text into a PowerShell terminal or Windows Run dialog box.
While this attack requires user interaction to succeed, Proofpoint warns that “although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk.”
To avoid falling victim to such scams, it’s crucial to remain vigilant and skeptical. Abhishek Karnik, McAfee’s Head of Threat Research, advises, “If an offer or urgent message seems too good to be true, it probably is. Scammers prey on emotions to rush you into making decisions without thinking. Always take a moment to assess the legitimacy of an offer and consider the source before proceeding.”
In addition, users should avoid installing apps or updates unless they are certain of their legitimacy. It’s recommended to check for reviews and only download apps from official app stores.
Never click on links in emails that direct you to an app or update. Instead, use app stores or download the app directly to install the update.
Finally, always protect your personal information. Scammers are constantly on the lookout for opportunities to steal your data.
Let us know what you think, please share your thoughts in the comments below.
Gunny Gil
September 8, 2024 at 8:59 pm
All I know abut Google Chrome is it some how got onto my desktop and it has been running slow and variable ever since. Of course the truth is the internet and digital communication is all a deal of Satan and his human minions, most of whom are government officials and employees, and not just the USA
Camille Gilliam
September 9, 2024 at 1:22 am
They got into my computer, so I switched Companies. They took me off of Julie Green & Donald Trump Jr’s site.