APPSURD!

Google Chrome users warned of ‘clever’ fake notification hackers use to raid accounts – look out for danger button

Familiarise yourself with the telltale signs this nasty trick entails

GOOGLE Chrome users have been warned about a new "clever" trick used by hackers to raid accounts.

The same sneaky threat has been targeting those using Microsoft Word online and OneDrive too.

Advertisement
Example of what the fake alert looks like

It comes in the form of a fake notification that pretends there's been an error.

"Something went wrong while displaying this webpage," one example showed.

The dubious popup tells people to click a button that will apparently fix a problem.

But following the instructions will only lead to your machine being snooped on.

Advertisement

"Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk," warned Proofpoint, who uncovered the ruse.

Once users click the button they are told to copy and paste instructions into their machine's system.

But behind the scenes it installs a range of nasty software.

Among them is malware that can steal your account details.

Advertisement

Most read in Tech

CHAT'S SCARY!
Humans must adopt 'new way of life' to beat AI's sinister advantage
HAVING A SING-A-JONG
Bizarre Carpool Karaoke-style vid shows Putin driving Kim in limo
GOING CHEAP
Justin Timberlake took $2m hit on property sale before arrest as tour struggled
AI-MING HIGHER
New Google footage teases future of AI-generated movies with DeepMind tool

It can also trigger fraudulent crypto transactions without people realising.

Any supposed error message or website asking you to copy and paste a prompt into the Windows PowerShell should be an immediate red flag.

Think twice before acting on any popups with buttons offering to fix a problem that then ask you to paste text into your computer's system this way.

Google urges all users to change settings on 12 popular apps to avoid attack – Amazon, Uber and WhatsApp are on the list

How to spot a dodgy app

Detecting a malicious app before you hit the 'Download' button is easy when you know the signs.

Follow this eight-point checklist when you're downloading an app you're unsure about:

  1. Check the reviews - be wary of both complaints and uniformly positive reviews by fake accounts.
  2. Look out for grammar mistakes - legitimate app developers won't have typos or errors in their app descriptions.
  3. Check the number of downloads - avoid apps with only several thousand downloads, as it could be fake.
  4. Research the developer - do they have a good reputation? Or, are totally fake?
  5. Check the release date - a recent release date paired with a high number of downloads is usually bad news.
  6. Review the permission agreement - this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
  7. Check the update frequency - an app that is updated too frequently is usually indicative of security vulnerabilities.
  8. Check the icon - look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps.

All of this information will available in both Apple's App Store and the Google Play Store.

Topics
Advertisement
You might like
Advertisement
Advertisement
Show More
Advertisement
Advertisement
Advertisement