ClickFix Attack
August 5, 2025
What is it?
ClickFix is a sophisticated tactic used by attackers to trick you into running malicious code on your computer. It is a social engineering technique that uses pop-up boxes containing fake error messages with instructions on how to "fix" the problem. If you follow the instructions and click the button / copy the code, it bypasses defenses and infects your computer, giving the attacker access.
This tactic has been observed at Vanderbilt.
How does it work?
- Associated with websites that are compromised or phony (unbeknownst to you)
Example ClickFix pop up - Uses a pop-up box with a fake error message
- Instructs you to:
- Click "Fix it"
- Verify "I am not a robot"
- Press Windows + R
- Automatically copies, or asks you to manually copy, code into your computer terminal
- Your computer runs that code and installs malware
How to protect yourself
Be aware that VUIT will never ask you to run code by yourself to troubleshoot a problem. Never copy prompts or code into Windows Run or PowerShell unless you fully understand what the code does.
If you see this prompt, close your browser immediately. Report it to Cybersecurity and change the password for your VUNet ID .