Pastejacking Scam Alert

This week, cybercriminals are using a technique called “pastejacking” to deceive you into running harmful code through PowerShell, a powerful command-line tool on your computer. Pastejacking works by tricking you into copying and pasting malicious code, which is then executed on your system.

The scam typically starts with an urgent-looking email that contains an attachment. When you attempt to open the attachment, an error message appears, stating, “Failed to connect to the ‘OneDrive’ cloud service. To fix the error, you need to manually update the DNS cache.” The message then provides several lines of code along with instructions on how to copy and paste it into a Windows PowerShell Terminal. The email pushes you to act quickly, which is precisely what the scammers want. If you follow these steps, you’ll unknowingly run a malicious command on your machine, allowing malware to be installed and granting the scammers access to your personal information.

To protect yourself from pastejacking:

• Legitimate emails will never ask you to open an attachment using PowerShell. If you receive an email with such instructions, report it to your IT department immediately.
• Be wary of any emails that create a sense of urgency, as this is a common tactic used by scammers to manipulate you.
• If you’re uncertain about the legitimacy of an email or attachment, contact your organization’s IT or security team for guidance.