New Canaan Police Warn Residents Of 'Pastejacking' Scam

Information via the New Canaan Police Department Facebook page

NEW CANAAN, CT — Police are warning New Canaan residents about a scam in which cybercriminals try to trick them into running malicious code using PowerShell, a powerful tool for executing commands on their computer.

In a Facebook post Thursday, police said this technique is known as "pastejacking," which involves residents copying and pasting malicious code into their computer and then allowing it to run.

According to police, this scam begins when residents receive what appears to be an urgent email that contains an attachment. If the resident tries to open the attachment, an error will display that says "failed to connect to the 'OneDrive' cloud service, to fix the error you need to update the DNS cache manually."

The message also provides a few lines of code and instructions on how to copy and paste it into a Windows PowerShell Terminal. The message urges residents to take action, which is exactly what scammers want, according to police.

"If you follow their instructions, you will run a malicious command on your machine," police said on Facebook. "The code will install malware, giving the scammers access to your personal data."

Police provided the following tips to help residents avoid falling victim to pastejacking:

• You will never receive a legitimate email that tells you to open an attachment using PowerShell. If you receive an email instructing you to use PowerShell, immediately report it to your IT team.
• Be cautious of any emails that prompt you to take urgent action. Creating a sense of urgency is a common technique that scammers use to trick you.
• If you are unsure about the legitimacy of an email or attachment, contact your organization's IT or security team for further instructions.

More information is available here.