← Back to News List

Beware of the “ClickFix” Scam

Cybersecurity Awareness Month

Hello UMBC Community!

Join us today from 12:00 to 1:00 pm in the breezeway near the Commons to learn more and receive giveaways! We have a f(ph)ishing game and Swedish fish.

As part of Cybersecurity Awareness Month, we want to highlight a new tactic cybercriminals are using called ClickFix. This attack disguises itself as an error message or system alert that looks like it comes from your operating system. The message then instructs you to copy and paste a command into your terminal or command prompt.

Please remember:

  1. Never copy or paste commands from a pop-up window or website.
  2. If you see a suspicious alert, close the window or browser tab immediately.
  3. Report the incident to security@umbc.edu right away so we can investigate.
  4. If you have already entered a command, disconnect from the internet and stop using your device until security reviews it.

ClickFix relies on tricking users into taking action. By staying cautious and reporting anything unusual, you help protect both yourself and our organization.

Report the event to the security team at security@umbc.edu. Your report helps protect everyone!

Thank you for staying vigilant and keeping security a priority.

ClickFix Scam. Never copy Commands into the terminal. Scam example showing "Verification Steps: that involve copy and pasting of instructions. Individuals should never paste commands from a pop-up window or website. Close the window or browser tab immediately.

Posted: October 20, 2025, 10:22 AM

Cybersecurity Awareness Month with the tagline: Stay connected, stay safe, stay smart!