The University of Stirling Cyber Security team are aware of a new technique being used by cyber criminals to disseminate malicious software to unsuspecting computer users.
You may come across this by clicking a link in an email or simply by visiting websites. The technique involves a pop-up or webpage redirection asking you to verify you’re human, which may look something like this:
Clicking to verify then generates another pop-up or webpage redirect that provides instructions for how to ‘verify’ yourself, which may look something like this:
Whilst the exact wording and appearance of these pop-ups may differ, the key instructions remain the same. So if you see a pop-up instructing you to press the Windows key + R, then CTRL + V, followed by Enter, do not follow these steps.
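If you do follow the above verification steps, you are unknowingly running a PowerShell command: the page has already copied the command to your clipboard, Windows key + R opens the Run dialog, CTRL + V pastes the command into it, and Enter runs it. That command will allow cyber criminals to easily install malware, steal your credentials, and access your data.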
Please be cautious when browsing the internet or whenever you click a link from an email. If you receive a suspicious email, please report it to us using the ‘Report spam / phishing’ feature in Outlook:
1. Click the three dots to the left of the open email for ‘More actions’
2. Choose ‘Report’
3. Then ‘Report junk’ or ‘Report phishing’
If you’re asked to verify yourself or instructed to perform unusual actions on your device, stop and report the incident to us by emailing information.centre@stir.ac.uk.
For more information on this attack technique, see ‘This Windows PowerShell Phish Has Scary Potential’ on Krebs on Security.