Published originally on November 7, 2025 by Steve Zurier on SC Media.
A new ClickFix attack poses as a legitimate bot-check page from Cloudflare, but it is a fraud that features an embedded instruction video and a counter of users verified in the last 30 minutes, all of which serve to increase the sense of authenticity.
...
“ClickFix isn’t a prototype of what modern deception and social engineering attacks can blend into phishing: it’s now the gold standard,” said Mark St. John, co-founder and COO at Neon Cyber. “This is going to evolve more rapidly than we want to, or even be prepared for, into attackers leveraging more AI-generated video and voice with corporate-branded personas to add to the trust factor.”
St. John said he’s seen all kinds of variations: an email followed by a phone call from the “IT Guy,” hijacked personas in the corporate Slack channel asking for a teammate’s review of a document ASAP, or an invoice the CEO needs signed ASAP to meet a critical deadline.
Read the full article on SC Media.