Summary: Microsoft has reported on a new phishing technique dubbed “ClickFix,” used by a threat actor known as Storm-1865, which exploits victims’ problem-solving tendencies to get them to download malware. The campaign primarily targets the hospitality sector, impersonating Booking.com to deceive users into executing commands that download the malware. Users are urged to exercise caution and practice strong security hygiene to mitigate these types of phishing attacks.
Affected: Booking.com and the hospitality industry
Keypoints:
- The ClickFix technique uses fake error messages and prompts to trick users into executing commands that download malware.
- Storm-1865’s campaign has a broad geographical impact, targeting organizations across multiple continents.
- Microsoft advises users to verify emails, check URLs, and be cautious of unsolicited calls to action to prevent falling victim to phishing attacks.
Source: https://www.darkreading.com/threat-intelligence/threat-actor-booking-com-clickfix-phishing-scheme