ClickFix Attacks Soar by 500%: Hackers Intensify Use of This Manipulative Technique to Deceive Users
gbhackers
A novel social engineering technique dubbed “ClickFix” has surged by an alarming 517% between the second half of 2024 and the first half of 2025, as reported by ESET telemetry data.
This manipulative attack vector, now the second most prevalent after phishing, exploits user trust in familiar online verification processes like reCAPTCHA challenges.
ClickFix deceives victims into copying and pasting malicious scripts under the guise of resolving fake errors or completing verification checks, ultimately leading to severe system compromises.
A New Social Engineering Threat Emerges
With detections under the HTML/FakeCaptcha label accounting for nearly 8% of all blocked attacks, the true scale of this threat may be even larger due to its multi-stage nature involving various payloads and obfuscation techniques.
ClickFix operates by presenting users with counterfeit prompts mimicking legitimate services such as Microsoft Word, OneDrive, Booking.com, or Google ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE