Could the Google Meet error be a cunning hacker tactic?
Be cautious when accepting Google Meet invitations.
In the U.S., a new scam called ClickFix is gaining popularity. It tricks users into clicking on a link that claims to fix an issue, but in reality, it infects their computers with malware.
Earlier, I reported on how threat actors used fake error messages from Google Chrome, Microsoft Word, and OneDrive to infect users' computers.
Google Meet users, regardless of their operating system, are now being targeted by a similar type of cyberattack. I provide an explanation of how this attack works and offer suggestions on how to safeguard yourself.
How the Google Meet trap works
A fake Google Meet page will soon appear after clicking on a link in an email that appears to be related to your organization. The email may come from any address and be socially engineered to look legitimate. The fake Google Meet page will display a warning claiming there's an issue with your PC, such as problems with your microphone, camera, or headset.
You can expect to see the following URLs in these fake meeting emails:
meet[.]google[.]us-join[.]com
meet[.]google[.]web-join[.]com
meet[.]googie[.]com-join[.]us
meet[.]google[.]cdm-join[.]us
Malicious code is pasted into the Windows prompt when you follow the instructions on this fake page, infecting your computer with malware. Hackers can then gain access to your cryptocurrencies, sensitive files, and personal information.
Beyond Google Meet, Sekoia has discovered malware distribution clusters on various platforms, including Zoom, PDF readers, fake video games such as Lunacy, Calipso, Battleforge, and Ragon, web3 browsers, and projects like NGT Studio and messenger apps like Nortex.
The bigger picture
In July, McAfee observed an increase in ClickFix campaigns, particularly in the U.S. and Japan (via Bleeping Computer). Recently, two groups, Slavic Nation Empire and Scamquerteo, have been linked to these attacks. Both are believed to be affiliated with larger crypto scam gangs, Marko Polo and CryptoLove.
This year, Proofpoint discovered that malware was spreading through fake error messages for Google Chrome, Word, and OneDrive, which tricked individuals into downloading malicious code. Additionally, the company highlighted the "email lure" technique, where hackers send fraudulent emails posing as MS Word to infect computers.
4 ways to protect yourself from harmful software
To safeguard yourself from cyberattacks caused by fake Google Meet pages, you can take several steps.
To safeguard yourself from malicious links and malware that can compromise your private information, it is crucial to have antivirus software installed on all your devices. Additionally, it can alert you of phishing emails and ransomware scams. Here are my top picks for the best 2024 antivirus protection for Windows, Mac, Android, and iOS devices.
Keep track of your finances: Regularly examine your bank and credit card statements for any unauthorized activity. If you detect any suspicious transactions, promptly inform your bank or credit card provider.
Request a fraud alert on your credit file by contacting one of the three major credit reporting agencies (Equifax, Experian or TransUnion). This will make it harder for identity thieves to open new accounts in your name without verification.
Two-factor authentication should be enabled whenever possible to enhance security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
Kurt’s key takeaways
Malware can be installed on your computer through social engineering tactics used by hackers. They create emails and website prompts that appear legitimate, but are actually designed to trick you into clicking on a link and following their instructions. To safeguard yourself, be cautious of clicking on links from unknown sources and always verify the URL of the page you're visiting before taking any action.
Have you ever received an email or prompt that appeared legitimate but turned out to be suspicious? Please share your experiences with us by contacting Cyberguy.com/Contact.
To receive my tech tips and security alerts, sign up for my free CyberGuy Report Newsletter at Cyberguy.com/Newsletter.
Let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
