You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
powershell scams
About this tag
The tag 'powershell scams' covers social-media-driven attacks where threat actors trick Windows users into running malicious PowerShell commands. These scams, often promoted via TikTok and Instagram Reels, promise free software like Microsoft Office, Windows activation, or Spotify Premium. Instead, they deliver infostealers such as Vidar, which steals credentials and sensitive data. The attacks bypass traditional phishing warnings by appearing as helpful shortcuts from trusted-looking sources. Discussions on WindowsForum highlight how these scams exploit user trust in social feeds and the legitimate PowerShell tool, emphasizing the need for caution when executing commands from unverified sources.
On June 11, 2026, security researchers reported active TikTok and Instagram Reels campaigns that lure Windows users with fake free Microsoft Office, Windows activation, Spotify Premium, and Adobe tutorials, then push PowerShell commands or downloads that install the Vidar infostealer. The...