ClickFix tactic: The Phantom Meet

Sekoia.io TDR details the emerging ClickFix social-engineering tactic—fake browser error prompts that coax users into copying and executing malicious commands—and gives a chronological and technical analysis of a Google Meet–impersonating cluster that distributes Windows and macOS infostealers (Stealc, Rhadamanthys, AMOS), documents associated infrastructure and IoCs, and links operations to traffer teams ‘Slavic Nation Empire (SNE)’ and ‘Scamquerteo’.