Fake Google Meet Pages Steal Sensitive User Data

Written By : Alex Nolan / Edited By : Diana Lawson

Phishing scam baits users with fake permissions

Published On: October 21, 2024

A new phishing campaign dubbed ClickFix is using fake Google Meet pages to distribute infostealers, targeting both Windows and macOS users. This campaign manipulates victims by displaying fraudulent error messages, such as issues with microphones or headsets during fake Google Meet sessions. Users are tricked into following instructions to fix these non-existent issues, leading them to download and execute malware on their devices.

The attackers, part of organized cybercriminal groups such as Slavic Nation Empire and Scamquerteo, lure victims through phishing emails containing links to counterfeit Google Meet pages. These URLs closely resemble legitimate ones, with slight changes like "meet.google.us-join[.]com" or "meet.google.web-join[.]com" to deceive users. Once on these fake pages, a pop-up prompts users to run malicious PowerShell commands or download a file that infects their system.

On Windows, the malware typically installs StealC or Rhadamanthys info-stealers, while macOS users are hit with Atomic Stealer. These malware programs can steal sensitive data, such as login credentials and personal information, and even allow remote access to the infected systems. The malware can also bypass typical security measures because users are manually running the malicious code.

This attack method has expanded beyond Google Meet to target platforms like Zoom, PDF readers, and messaging apps. The ClickFix campaign is particularly concerning because it preys on the trust users place in common online tools, making detection and prevention more challenging.

Protecting yourself from ClickFix

To protect yourself from threats like the ClickFix campaign:

Verify links: Always double-check URLs in meeting invites. Look for minor variations that may signal a fake link
Avoid running unfamiliar code: If prompted to fix a technical issue by copying code, stop and verify the problem through official support channels
Train your team: Regularly inform employees about phishing tactics to prevent accidental downloads of malware

By Alex NolanTech Journalist

Alex Nolan is a tech journalist with a sharp, insightful approach to breaking down the latest innovations in the tech world. With a deep-rooted passion for both technology and gaming, she specializes in writing news that keeps readers informed about cutting-edge developments, from AI advancements to the hottest gaming releases. As an avid gamer across all genres, from FPS games to MMORPGs, Alex brings a unique perspective to her tech news, blending the excitement of a true enthusiast with the expertise of a tech insider. Whether exploring emerging trends or breaking down game mechanics, Alex’s passion for all things digital shines through her writing, keeping readers engaged and informed.

Recent Posts

Share

Fake Google Meet Pages Steal Sensitive User Data

Protecting yourself from ClickFix

Related Topics

Recent Posts