Recent Alerts & News

Stay informed about the latest campaigns and variations of the ClickFix scam observed in the wild.

May 2025

ClickFix Attacks Surge by 500% in First Half of 2025

ESET security researchers report a massive 517% increase in ClickFix social engineering attacks, making it the second most common attack vector after phishing.

May 2025

ClickFix Phishing URLs Quadruple in One Year

Proofpoint reports a nearly 400% increase in malicious links associated with ClickFix between May 2024 and May 2025, with major spike in early 2025.

Jan 2025

Lumma Stealer Distributed via Fake CAPTCHAs

Attackers are using fake verification pages to trick users into running PowerShell commands that install the Lumma Stealer infostealer.

May 2024

Microsoft Warns of Storm-1607 ClickFix Campaigns

Threat actors are targeting tens of thousands of organizations in the US and Canada with weaponized ClickFix landing pages.

External Resources

Microsoft: Social engineering tactics targeting tens of thousands of organizations.
ESET: Technical analysis of the 500% surge in ClickFix activity.
The Hacker News: Coverage of Lumma Stealer and its delivery methods.