ClickFix has quickly become one of the most prominent cybercriminal intrusion vectors because it is less understood than phishing, which users have become progressively more wary about over time, and frequently successful.
âWhat makes this new social engineering technique effective is that it is simple enough for the victim to follow the instructions, believable enough to look like it might fix a made-up problem, and abuses the probability that victims wonât pay much attention to the exact commands they have been asked to paste and execute on their device,â KropĂĄÄ explained.
KropĂĄÄ added: âWith its growing popularity, it is possible that Microsoft and Apple, but also the open-source community, will add some kind of security warning like the one used for macros in Word or Excel, or for files copied from the internet, notifying users that they are about to execute a potentially dangerous script.â
