As per Microsoft’s latest Digital Defense Report 2025, cybercriminals have found a new attack trick, dubbed ClickFix. It’s a social engineering tactic that convinces users to infect themselves. Moreover, it has been highlighted that this tactic has become one of the common methods used by hackers to gain initial access.
ClickFix attacks are more common than you think
Since early 2024, Microsoft has reported a sharp increase in the number of ClickFix-based attacks. The attack method is based on numerous fake pop-ups, support messages, or system alerts that prompt users to “fix” an issue by copying and pasting code into the Windows Run box or terminal. Once the prompt or the code is executed, it downloads malicious payloads directly into the device’s memory.
Since the malware is injected directly into the memory, it leaves little trace for the antivirus software to detect. One of the highlighted examples was the 2024 incident where Booking.com was impersonated to carry out phishing campaigns. Victims received fake travel confirmation emails leading to a cloned website with a CAPTCHA prompt.
Here are some common ways to stay protected from ClickFix attacks
Microsoft reported that ClickFix accounted for 47% of all initial access incidents recorded by its Defender Experts team over the past year. The tech giant advises organizations and individuals to focus on behavioral awareness. Mainly because what makes ClickFix particularly dangerous is that users unknowingly infect themselves.
Users and employees are suggested to be trained to never copy or run code from unverified sources, even if the prompt appears legitimate. Microsoft has urged IT teams to enable PowerShell logging and monitor clipboard-to-terminal actions. Teams must also deploy browser hardening policies to block malicious scripts before execution. Users must follow precautionary steps, such as verifying the source or avoiding third-party installs unless mandatory. It’s a rare instance where only precautions can be a real lifesaver.
The post Microsoft Warns Rising ClickFix Attacks Are Fooling Users Into Running Malware appeared first on Android Headlines.
Source: ndroidheadlines.com