Don’t fall for it! Hackers are trying to get you to scam yourself
You’re pulling your hair out, trying to fix something on your computer. You Google it and find what looks like a helpful website or a tutorial with easy step-by-step instructions.
Phew, you’re finally solving your problem, but hold up! You’ve just walked into a “scam-yourself” attack. Cybercreeps use this clever strategy to trick you into compromising your tech so they don’t have to do the dirty work.
How bad is it?
Bad. Really bad. “Scam-yourself” attacks shot up 614% in the third quarter of this year alone. Lumma Stealer, the top data-stealing malware type that grabs banking info and browser extensions, spiked by 1,154%.
When something’s broken, our instinct is to rush and fix it as quickly as possible. Now, add to this the fact you’re going through the steps yourself so it feels like you’re in control. That’s exactly what makes these tricks so dangerous.
How they snag you
🤖 Fake CAPTCHA: You verify (“I’m not a robot”), then you’re asked to download a README file for instructions. Those instructions install malware.
▶️ YouTube tutorials: You click a download link in the description of a YouTube video that promises to fix your tech issue. You guessed it! It’s malware in disguise.
🌐 ClickFix scams: You copy and paste commands into your computer while following a step-by-step guide. Oops … You’ve commanded it to obey its new hacker overlords.
🛑 Phony updates: Quick! A pop-up says you need to install a security update right now! It’s malware pretending to be your app, operating system or browser.
How to protect yourself
These scammers are savvy, but you can outsmart them.
- Think twice before downloading: If a tutorial tells you to turn off antivirus software or download a random link, bail. Rely on big names (like Google, Apple and Microsoft) that publish steps for help online (or, you know, me!).
- Check URLs and sources: Cybercriminals mimic legitimate sites. Always double-check the web address, especially when you’re looking at updates or troubleshooting guides. If the URL feels off, trust your gut and close it.
- Be careful what you copy and paste: Never copy commands from unknown sources into your computer’s terminal or command prompt. That’s a classic malware delivery tactic.
- Update the right way: Don’t click random pop-ups to update your software. Always go through your device settings or the app store.
I know, the scams never stop. But don’t worry — I’ve got your back. Now, be a hero and help protect others by sharing this important info using the share buttons below. Together, we can stay one step ahead!
Don’t get left tech-behind – Stay tech-ahead
Award-winning host Kim Komando is your secret weapon for navigating tech.
- National radio show: Find your local station or listen to the podcast.
- Daily newsletter: Join over 600,000 people who read The Current (free!).
- Watch: On Kim’s YouTube channel.
- Podcast: “Kim Komando Today” — Listen wherever you get podcasts.
Tags: CAPTCHA, cybersecurity, guides, hackers, malware, scams/scammers, tutorials