WWW.FOXNEWS.COM
Why that Google Meet error might be a sneaky hacker trick
Published November 14, 2024 10:00am EST close Tech expert explains how AI kidnapping scammers replicate people's real voices Cyble CEO and Chair Beenu Arora explains how scammers use AI to replicate people's real voices in a kidnapping scam. A new scam called ClickFix is targeting users and is on the rise in the U.S. As the name suggests, it prompts you to click on a link, claiming to fix an issue, but in reality it infects your computer with malware.Ireported on this earlier, detailing how threat actors used messages impersonating errors from Google Chrome, Microsoft Word and OneDrive to infect users' computers.Now, a similar type of attack is affecting Google Meet users, regardless of whether theyre using a Windows PC or a Mac. I explain how this cyberattack works and what you can do to protect yourself. A woman working on her laptop (Kurt "CyberGuy" Knutsson)How the Google Meet trap worksAccording to Frenchcybersecurity company Sekoia, it all starts with an email containing a link to a Google Meet. The email can come from any address and may be socially engineered to look like it's related to your organization. It could link to a Google Meet invite for a meeting, webinar, online collaboration or something similar. When you click on the link, youll be directed to a fake Google Meet page, which will soon display a warning claiming theres an issue with your PC. It might say your microphone or camera isn't working or there's a problem with your headset.WHAT IS ARTIFICIAL INTELLIGENCE (AI)?You can expect to see the following URLs in these fake meeting emails:meet[.]google[.]us-join[.]commeet[.]google[.]web-join[.]commeet[.]googie[.]com-join[.]usmeet[.]google[.]cdm-join[.]usThis fake page will also display a pop-up offering to fix the issue, showing phrases like "Press the key combination" or "CTRL+V." When you follow these instructions, malicious code is pasted into the Windows prompt, infecting your computer with malware. Once the code is on your computer, hackers can gain access to your cryptocurrencies, sensitive files and personal information.Sekoia has uncovered several other malware distribution clusters beyond Google Meet. These include platforms like Zoom, PDF readers, fake video games (such as Lunacy, Calipso, Battleforge and Ragon), web3 browsers and projects like NGT Studio and messenger apps such as Nortex. Fake Google Meet page (Sekoia)The bigger pictureBack in July, McAfee noticed that ClickFix campaigns were ramping up, especially in the U.S. and Japan (viaBleeping Computer). Lately, two groups Slavic Nation Empire and Scamquerteo have been behind some of these attacks. Both are said to be offshoots of larger crypto scam gangs Marko Polo and CryptoLove.Earlier this year, Proofpoint found thatmalware was spreading by pretending to be fake error messages for Google Chrome, Word and OneDrive, tricking people into downloading malicious code. They also pointed out a method called "email lure," where hackers send fake emails pretending to be from MS Word to infect computers.GET FOX BUSINESS ON THE GO BY CLICKING HERE Fake page requests (Sekoia)4 ways to protect yourself from harmful softwareThe fake Google Meet page creates a sense of urgency, making users click on the links and unknowingly compromise their devices. There are several steps you can take to protect yourself from such cyberattacks.1. Have strong antivirus software:The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.2. Monitor your accounts: Regularly review your bank statements, credit card statements and other financial accounts for any unauthorized activity. If you notice any suspicious transactions, report them immediately to your bank or credit card company.3. Place a fraud alert:Contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.4. Enable two-factor authentication:Enabletwo-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.Kurts key takeawaysHackers have come up with sneaky ways to trick you into installing malware. They use social engineering to make emails and website prompts look legit, hoping you'll click on a link and follow their instructions. The best way to protect yourself is by avoiding unknown links and always checking the URL of the page you're on before taking any action.CLICK HERE TO GET THE FOX NEWS APPHave you ever received an email or prompt that looked suspicious but seemed legitimate at first glance? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
0 Yorumlar 0 hisse senetleri 31 Views