BREACHWATCHER

Proactive Cybersecurity Monitoring

Menu

Beware of "ClickFix" - The Trick That Makes You Hack Yourself

ClickFix is a clever online scam that started gaining traction in 2024 and continues evolving today. Cybercriminals show you a fake warning on a website—often pretending to be a CAPTCHA check (“prove you’re not a robot”), a browser error, or a quick system fix. They urge you to copy a “solution” code and paste it into your computer’s Run box (Windows key + R) or command window. What looks like harmless troubleshooting is actually a hidden command that downloads and installs dangerous malware. This steals your passwords, banking details, cryptocurrency, or gives hackers full control of your device. Thousands of people and companies are targeted daily, and it works because it tricks you into doing the dangerous part yourself—no suspicious file download required.

WHAT TO LOOK OUT FOR

  • Sudden pop-ups claiming your browser needs verification, has an error, or requires a “quick fix” to continue.
  • Instructions to press Windows + R, open PowerShell/Terminal, or run a copied command—especially if it looks like gibberish code or starts with “powershell” or similar.
  • Fake CAPTCHA screens on sites that don’t normally need them, or on unexpected pages (free movie sites, ads, or even legitimate-looking but compromised business pages).
  • Any prompt to copy-paste long strings of text into command tools—legitimate sites almost never ask this.
  • Urgency pressure: “Do this now or lose access” or “Your system is at risk.”

If you see these, stop immediately, close the tab, and do not paste or run anything.

HOW TO PROTECT YOURSELF

  • Never copy and paste commands from websites into Run, PowerShell, Command Prompt, or Terminal unless you fully understand them and trust the source 100%.
  • Be extra cautious with CAPTCHA-like prompts on unfamiliar or suspicious sites—real ones don’t require running code.
  • Keep your browser and operating system updated to benefit from built-in protections.
  • If something feels off, close the browser, restart if needed, and scan your device.
  • Educate family/colleagues: Share this email and remind them that no legitimate fix involves pasting mysterious code.
Banner with text: 'Stay vigilant, stay safe, subscribe today' promoting cybersecurity awareness.
BreachWatcher Logo: Knight in armor holding shield and spear saying "we watch for you"
Menu

Contact Us

BreachWatcher Logo: Knight in armor holding shield and spear saying "we watch for you"

Contact Us

  • Pretoria, South Africa

  • Relevant Email Address

  • Relevant Number