Check Point Research identifies how the new social engineering technique, FileFix, is being actively tested by threat actors in the wild. Attackers have long exploited human trust as a primary attack surface, and they’re doing it again with a new technique called FileFix. FileFix is a recently uncovered social engineering attack that builds on the widely abused ClickFix tactic. Unlike ClickFix, which tricks users into running malicious commands via the Windows Run dialog, FileFix takes a subtler approach: it opens a legitimate Windows File Explorer window from a webpage and silently loads a disguised PowerShell command into the user’s clipboard. […]
The post FileFix: The New Social Engineering Attack Building on ClickFix Tested in the Wild appeared first on Check Point Blog.