A new cyber attack targeting Windows PCs is spreading fast—and it’s dangerously simple. Called ClickFix, this trick uses fake error messages to fool users into running harmful commands on their own computers.
According to security experts, even state-sponsored hackers from Russia, Iran, and North Korea have started using the same method, but the main threat comes from regular cybercriminals targeting everyday users.
ClickFix works like this:
You see a fake message on your screen—maybe about a system error or a secure document. The message tells you to copy a line of text, open PowerShell, paste the text, and press Enter. If you do, your PC runs a command that secretly installs malware.
This malware can steal passwords, financial data, and take control of your computer. Some well-known malware used in these attacks includes Lumma Stealer and DarkGate.
Security firms like McAfee explain that these websites look real, and the instructions seem helpful. But they’re designed to trick you. If you follow those four steps—copy, open, paste, and run—you’ve likely just let hackers into your system.
The key warning signs to watch for:
- Any message asking you to manually run a command in PowerShell.
- Fake-looking pop-ups or error messages on websites.
- Claims that you must register your PC to view a document or fix an issue.
If you see anything like this: do not follow the instructions. Close the message, exit the browser or app, and reboot your PC. That simple action could protect your data.
Experts say that once you know this trick, it’s easy to spot. And avoiding it is just as easy—never run commands you don’t understand, no matter how official they seem.
