It is always important to exercise caution if you get a popup window relating to a Google Chrome error or Microsoft Word extension. Scam error alerts in Google Chrome and Microsoft Word are on the rise as cybercriminals are using these tricks to compromise your system. These scams can look incredibly convincing but can lead to serious security breaches. Here’s how to identify and avoid them.
Understanding the Scam
These fake error messages are designed to mimic legitimate alerts and often appear on compromised yet authentic-looking websites. The goal is to trick you into running malicious PowerShell commands, which can give attackers access to your system and sensitive information.
Fake Google Chrome Errors
These attacks frequently stem from compromised legitimate websites, not just from known malicious ones. In other words, you might encounter this situation while browsing familiar websites. If the site is compromised, attackers can present you with popups like the ones shown below:
Source: Bleeping Computer, Proofpoint
Steps these scams might ask you to follow:
- Click the “Copy fix” button.
- Right-click on the Windows icon.
- Select “Windows PowerShell (Admin).”
- Run a command in the terminal.
In this case, the “Copy fix” button executes a script that allows attackers to carry out their malicious activities. They provide instructions to run the script via PowerShell. PowerShell is a powerful scripting language with a command-line shell. Only those who are well-acquainted with PowerShell should use it and if you’re ever instructed to run commands on your device, stop immediately and contact IT support for assistance.
Fake Microsoft Word Extension Error
Similar attacks are targeting Microsoft Word users, presenting fake errors and suggesting fixes. Users might be asked to install a “Word Online” extension to view documents correctly or offline. These instructions also include running PowerShell commands, which enable the attack.
Source: Proofpoint
Here’s how it usually happens:
- A fake error message appears, claiming you need to install or update the “Word Online” extension.
- The message provides a link to the extension.
- Installing the fake extension leads to instructions for running malicious PowerShell commands.
Protect Yourself From Scam Error Alerts
While cybersecurity tools can sometimes spot and alert you to these vulnerabilities, detection is not always possible before it is too late. The best defense is always going to be personal vigilance.
1. Be Skeptical
Always question error messages that ask you to run commands or install extensions. Cybercriminals rely on creating a sense of urgency to trick you.
2. Verify Before Acting
Check the source of any error message. If it appears suspicious, it probably is. Verify the message through official channels or by contacting IT support.
3. Keep Software Updated
Ensure your browser, operating system, and all software are up to date with the latest security patches. Outdated software can be more vulnerable to these types of attacks.
4. Use Security Tools
Employ reliable antivirus and anti-malware tools to provide an additional layer of protection. These tools can often (but not always) detect and block malicious activity.
5. Seek Professional Advice
If you’re unsure about the authenticity of an error message, consult your IT department or a trusted technician before taking any action. It’s better to be safe than sorry.
Being cautious is your best defense against these scams. If you see anything suspicious, get in touch with your IT support team right away.
Contact GCS for advice on how your team should navigate these threats and ensure digital safety.
Written by AJ Arjes-Maddox
