⚠
BowTie Risk
Assessments
Hazards
Library
Implementations
Guide
← Back
Edit Threat
Name
Category
Tags
(comma-separated)
Description
An adversary may rely upon a user copying and pasting code in order to gain execution. Users may be subjected to social engineering to get them to copy and paste code directly into a Command and Scripting Interpreter. One such strategy is "ClickFix," in which adversaries present users with seemingly helpful solutions—such as prompts to fix errors or complete CAPTCHAs—that instead instruct the user to copy and paste malicious code. Malicious websites, such as those used in Drive-by Compromise, ma
Save changes
Cancel