{"id":1248,"date":"2026-02-11T00:28:17","date_gmt":"2026-02-11T06:28:17","guid":{"rendered":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/?p=1248"},"modified":"2026-02-11T00:28:17","modified_gmt":"2026-02-11T06:28:17","slug":"clickfix-phishing-hospitality-threat-alert","status":"publish","type":"post","link":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/","title":{"rendered":"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality"},"content":{"rendered":"<p>&nbsp;<\/p>\n<article><!-- Urgent Alert Header --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"40\" bgcolor=\"#ef3f37\">\n<tbody>\n<tr>\n<td>\n<h1 style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 2.2em;font-weight: 900;margin: 0 0 20px 0;line-height: 1.3\">\ud83d\udea8 URGENT: &#8220;ClickFix&#8221; Phishing Campaign Targeting Las Vegas Hospitality<\/h1>\n<p style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.3em;margin: 0;font-weight: 600;padding: 15px;border-radius: 5px\">Copy-Paste PowerShell Scam Bypasses Email Filters &#8211; Hotels, Casinos, and Transportation at Risk<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><!-- Threat Level Indicator --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td align=\"center\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"15\">\n<tbody>\n<tr>\n<td style=\"background-color: #ef3f37;padding: 15px 30px;border-radius: 50px\">\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;font-weight: 900;color: white\">\u26a0\ufe0f ACTIVE CAMPAIGN &#8211; HOSPITALITY SECTOR TARGETED<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><!-- Executive Summary --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\">\n<tbody>\n<tr>\n<td>\n<h2 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.8em;font-weight: 900;margin: 0 0 20px 0;padding-bottom: 15px;border-bottom: 3px solid #ef3f37\">1. Executive Summary: The &#8220;Copy-Paste&#8221; Trap<\/h2>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 1.08em;line-height: 1.8;color: #002f44\">A sophisticated new social engineering campaign, dubbed <strong style=\"color: #ef3f37\">&#8220;ClickFix,&#8221;<\/strong> is actively targeting the <strong>hospitality and transportation sectors<\/strong>. Unlike traditional phishing that relies on a malicious link, this attack weaponizes &#8220;tech support anxiety.&#8221;<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Scam Explanation Box --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"30\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 20px 0\">How The Scam Works:<\/h3>\n<p style=\"margin: 0 0 15px 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7;color: #002f44\"><strong style=\"color: #ef3f37\">The Trap:<\/strong> Employees see a fake pop-up (mimicking Google Chrome, Microsoft Word, or Booking.com) claiming a &#8220;Critical Error&#8221; or &#8220;Update Required.&#8221; Instead of a download button, it instructs them to copy a PowerShell script and paste it into their terminal to &#8220;fix&#8221; the issue.<\/p>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7;color: #002f44;padding: 20px;background-color: white;border-left: 5px solid #ef3f37\"><strong style=\"color: #ef3f37\">The Impact on Las Vegas:<\/strong> With our city&#8217;s heavy reliance on <strong>Booking.com, Expedia, and rapid front-desk operations<\/strong>, this specific campaign puts guest data and corporate networks at immediate risk of ransomware and credential theft. Hotels on The Strip, downtown properties, and casino resorts are prime targets.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr style=\"border: none;border-top: 2px solid #d0dadf;margin: 50px 0\" \/>\n<p><!-- Technical Details --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\">\n<tbody>\n<tr>\n<td>\n<h2 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.8em;font-weight: 900;margin: 0 0 20px 0;padding-bottom: 15px;border-bottom: 3px solid #ef3f37\">2. The Technical Details: Bypassing Email Filters<\/h2>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 1.08em;line-height: 1.8;color: #002f44\">This attack is clever because it <strong style=\"color: #ef3f37\">bypasses email filters<\/strong>\u2014the malicious code is never &#8220;sent&#8221; to you; you paste it yourself.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Technical Attack Chain --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #ef9b37;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: 900;margin: 0 0 20px 0\">Attack Mechanism Analysis:<\/h3>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"15\">\n<tbody>\n<tr>\n<td style=\"border-left: 5px solid #ef3f37;padding: 20px;margin-bottom: 15px\" bgcolor=\"rgba(255, 255, 255, 0.05)\"><strong style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;margin-bottom: 10px\">\ud83c\udf10 Attack Vector<\/strong><\/p>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;color: white\">Compromised websites inject an iframe displaying a fake error (e.g., &#8220;Word Online: Document Preview Error&#8221; or &#8220;Booking.com: Session Timeout &#8211; Action Required&#8221;). These appear on legitimate-looking pages employees visit daily.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"15\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border-left: 5px solid #ef9b37;padding: 20px\" bgcolor=\"rgba(255, 255, 255, 0.05)\"><strong style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;margin-bottom: 10px\">\u2328\ufe0f The Mechanism<\/strong><\/p>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;color: white\">The user is told to press <strong style=\"color: #ef9b37\">&#8220;Ctrl+C&#8221;<\/strong> (to copy the &#8220;fix&#8221;) and <strong style=\"color: #ef9b37\">&#8220;Ctrl+V&#8221;<\/strong> into a Windows PowerShell window. Instructions appear professional with Microsoft-style formatting and official-looking error codes.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"15\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border-left: 5px solid #2fb17e;padding: 20px\" bgcolor=\"rgba(255, 255, 255, 0.05)\"><strong style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;margin-bottom: 10px\">\ud83d\udc80 The Payload<\/strong><\/p>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;color: white\">The clipboard content is actually a malicious PowerShell script (using <code style=\"background-color: #001b28;padding: 3px 8px;border-radius: 3px;color: #ef3f37;font-weight: 600\">mshta.exe<\/code> or similar legitimate Windows binaries) that downloads the <strong style=\"color: #ef3f37\">Lumma Stealer<\/strong> or <strong style=\"color: #ef3f37\">Vidar<\/strong> malware. These are credential-harvesting tools that steal browser passwords, session tokens, and cryptocurrency wallets.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"15\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border-left: 5px solid #ef3f37;padding: 20px\" bgcolor=\"rgba(255, 255, 255, 0.05)\"><strong style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;margin-bottom: 10px\">\ud83c\udfaf Targeted Sectors<\/strong><\/p>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;color: white\">Specifically targeting <strong style=\"color: #ef9b37\">Transport, Logistics, and Hospitality (Hotels\/Casinos)<\/strong>. Las Vegas hospitality sector is uniquely vulnerable due to high volume of Booking.com, Expedia, and reservation system usage combined with frequent employee turnover.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr style=\"border: none;border-top: 2px solid #d0dadf;margin: 50px 0\" \/>\n<p><!-- The Risk Section --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\">\n<tbody>\n<tr>\n<td>\n<h2 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.8em;font-weight: 900;margin: 0 0 20px 0;padding-bottom: 15px;border-bottom: 3px solid #ef3f37\">3. The Risk: Why Firewalls Can&#8217;t Stop This<\/h2>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 1.08em;line-height: 1.8;color: #002f44\">For a <strong>Las Vegas hotel manager or logistics coordinator<\/strong>, this looks like a standard IT glitch. The attack exploits trust in familiar platforms and the pressure of fast-paced hospitality operations.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Risk Blocks --><\/p>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"30\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #ef3f37\">\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">\ud83d\udee1\ufe0f Bypassing EDR (Endpoint Detection &amp; Response)<\/h3>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7;color: #002f44\">Because the user <strong>manually executes the script<\/strong>, many Endpoint Detection &amp; Response (EDR) tools view it as an &#8220;administrative action&#8221; rather than a virus. The malware uses legitimate Windows utilities (Living off the Land &#8211; LotL attack), making detection extremely difficult. Traditional antivirus sees PowerShell.exe and assumes it&#8217;s a technician performing maintenance.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"30\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #ef9b37\">\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">\ud83d\udd10 Session Token Theft<\/h3>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7;color: #002f44\">The malware targets <strong>browser cookies and session tokens<\/strong>. This means hackers can log into your Booking.com, Expedia, or Bank of America portal <em>without<\/em> needing your password or 2FA code. They hijack active sessions, appearing as legitimate logged-in users. Multi-Factor Authentication provides zero protection against session token theft.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"30\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #2fb17e\">\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">\ud83d\udcb3 Guest Fraud &amp; Reputation Damage<\/h3>\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7;color: #002f44\">Once inside a hotel&#8217;s <strong>Booking.com account<\/strong>, attackers can message future guests demanding payment to alternative accounts, cancel reservations causing revenue loss, or steal guest credit card information for fraud. <strong>This is a reputation nightmare for Las Vegas properties.<\/strong> A single incident can destroy years of 5-star reviews and guest trust, particularly damaging for boutique hotels and independent properties.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Las Vegas Specific Impact --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #ef9b37;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: 900;margin: 0 0 20px 0\">Las Vegas Hospitality Sector Vulnerability:<\/h3>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"12\">\n<tbody>\n<tr>\n<td valign=\"top\" width=\"5%\"><strong style=\"color: #ef3f37;font-size: 1.4em\">\u25cf<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong>High-volume operations:<\/strong> The Strip hotels process thousands of check-ins daily, creating pressure to &#8220;fix&#8221; issues quickly without verification<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37;font-size: 1.4em\">\u25cf<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong>Employee turnover:<\/strong> Frequent staff changes in hospitality mean new employees may not recognize legitimate vs. fake IT procedures<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37;font-size: 1.4em\">\u25cf<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong>Multiple booking platforms:<\/strong> Properties use Booking.com, Expedia, Hotels.com, Airbnb &#8211; attackers customize fake errors for each<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37;font-size: 1.4em\">\u25cf<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong>PCI compliance requirements:<\/strong> Hotels process credit cards &#8211; credential theft can trigger compliance violations and massive fines<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37;font-size: 1.4em\">\u25cf<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong>Gaming Control Board scrutiny:<\/strong> Casino-hotels face additional regulatory oversight &#8211; security breaches can jeopardize gaming licenses<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr style=\"border: none;border-top: 2px solid #d0dadf;margin: 50px 0\" \/>\n<p><!-- Mitigation Plan --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\">\n<tbody>\n<tr>\n<td>\n<h2 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.8em;font-weight: 900;margin: 0 0 20px 0;padding-bottom: 15px;border-bottom: 3px solid #ef3f37\">4. The 3-Step Mitigation Plan<\/h2>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 1.08em;line-height: 1.8;color: #002f44\">Since this exploits human behavior, technology alone isn&#8217;t the fix. You need a <strong style=\"color: #ef3f37\">&#8220;Human Firewall.&#8221;<\/strong><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Step 1 --><\/p>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #2fb17e\">\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"80\">\n<div style=\"background-color: #2fb17e;color: white;width: 60px;height: 60px;border-radius: 50%;align-items: center;justify-content: center;font-family: 'Avenir', Arial, sans-serif;font-size: 2em;font-weight: 900;text-align: center;line-height: 60px\">1<\/div>\n<\/td>\n<td style=\"padding-left: 20px\">\n<h3 style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">Disable PowerShell for Front-Desk Users<\/h3>\n<p style=\"margin: 0 0 15px 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #2fb17e\">Technical Control:<\/strong> Most front-desk staff, reservation agents, and concierge personnel never need to use PowerShell or Windows Command Prompt in legitimate operations.<\/p>\n<p style=\"margin: 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #2fb17e\">Action:<\/strong> Use Group Policy (GPO) to disable the Windows Command Prompt and PowerShell for non-admin users, or restrict &#8220;Console Window&#8221; access entirely. Only IT administrators should have PowerShell privileges. This single step blocks the entire ClickFix attack chain.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Step 2 --><\/p>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #ef9b37\">\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"80\">\n<div style=\"background-color: #ef9b37;color: white;width: 60px;height: 60px;border-radius: 50%;align-items: center;justify-content: center;font-family: 'Avenir', Arial, sans-serif;font-size: 2em;font-weight: 900;text-align: center;line-height: 60px\">2<\/div>\n<\/td>\n<td style=\"padding-left: 20px\">\n<h3 style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">The &#8220;Tech Support&#8221; Verification Rule<\/h3>\n<p style=\"margin: 0 0 15px 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #ef9b37\">Policy:<\/strong> Train staff that <em>no legitimate error message<\/em> will ever ask you to &#8220;Copy and Paste&#8221; code or commands. Not from Microsoft, not from Google, not from Booking.com, not from any legitimate vendor.<\/p>\n<p style=\"margin: 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #ef9b37\">Action:<\/strong> If a pop-up asks for a manual &#8220;fix&#8221; involving copying code, instruct staff to: (1) Close the browser immediately, (2) Do not restart the computer, (3) Call the CMIT Help Desk at 702-725-2877 before taking any action. Post this procedure prominently at every front desk workstation.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Step 3 --><\/p>\n<table style=\"margin: 25px 0\" border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td style=\"border-left: 6px solid #ef3f37\">\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"80\">\n<div style=\"background-color: #ef3f37;color: white;width: 60px;height: 60px;border-radius: 50%;align-items: center;justify-content: center;font-family: 'Avenir', Arial, sans-serif;font-size: 2em;font-weight: 900;text-align: center;line-height: 60px\">3<\/div>\n<\/td>\n<td style=\"padding-left: 20px\">\n<h3 style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.5em;font-weight: 900;margin: 0 0 15px 0\">Monitor for &#8220;mshta.exe&#8221; Execution<\/h3>\n<p style=\"margin: 0 0 15px 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #ef3f37\">Detection:<\/strong> The &#8220;ClickFix&#8221; script often uses the Microsoft HTML Application Host (<code style=\"background-color: #001b28;padding: 3px 8px;border-radius: 3px;color: #ef9b37\">mshta.exe<\/code>) to reach the internet and download malware payloads.<\/p>\n<p style=\"margin: 0;color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.05em;line-height: 1.7\"><strong style=\"color: #ef3f37\">Action:<\/strong> Configure your EDR (SentinelOne, CrowdStrike, Microsoft Defender) to flag or automatically block <code style=\"background-color: #001b28;padding: 3px 8px;border-radius: 3px;color: #ef9b37\">mshta.exe<\/code> if it attempts to make an outbound network connection. In most hotel environments, mshta.exe should never need internet access. This catches the attack during payload download.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr style=\"border: none;border-top: 2px solid #d0dadf;margin: 50px 0\" \/>\n<p><!-- CMIT Protection Section --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"25\">\n<tbody>\n<tr>\n<td>\n<h2 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.8em;font-weight: 900;margin: 0 0 20px 0;padding-bottom: 15px;border-bottom: 3px solid #ef3f37\">5. How CMIT Solutions Protects Las Vegas Hospitality<\/h2>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 1.08em;line-height: 1.8;color: #002f44\">We actively hunt for these specific <strong style=\"color: #ef3f37\">&#8220;Living off the Land&#8221; (LotL)<\/strong> attacks where hackers use your own tools against you. Our hotel and casino clients receive specialized protection designed for high-volume guest operations.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><!-- Protection Services --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#002f44\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #ef9b37;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: 900;margin: 0 0 20px 0\">Hospitality-Focused Security Services:<\/h3>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"15\">\n<tbody>\n<tr>\n<td valign=\"top\" width=\"5%\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">PowerShell Script Blocking:<\/strong> Our security stack blocks unauthorized PowerShell scripts from running on front-desk terminals, reservation systems, and guest-facing computers. Application whitelisting ensures only approved hospitality software executes.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">DNS Filtering:<\/strong> We block the known Command &amp; Control (C2) domains that ClickFix scripts try to contact. Advanced threat intelligence prevents communication with malware distribution servers.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">Front-Desk Security Training:<\/strong> Customized training for hotel staff covering ClickFix, fake Booking.com errors, and reservation system scams. Monthly simulations test employee readiness with realistic hospitality scenarios.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">Session Monitoring:<\/strong> 24\/7 SOC watches for impossible travel (Booking.com login from Las Vegas suddenly appearing from Russia), credential stuffing, and session token anomalies across all hotel systems.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">PMS &amp; POS Protection:<\/strong> Segmented networks isolate Property Management Systems (Opera, OnQ, Maestro) and Point of Sale systems from general office computers, containing infections if they occur.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">PCI Compliance Maintenance:<\/strong> Security controls designed to maintain Payment Card Industry Data Security Standard (PCI DSS) compliance while blocking modern attack vectors like ClickFix.<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e;font-size: 1.4em\">\u2713<\/strong><\/td>\n<td style=\"color: white;font-family: 'Avenir', Arial, sans-serif;line-height: 1.7;padding: 8px 0\"><strong style=\"font-size: 1.15em\">Incident Response Plan:<\/strong> Pre-established breach response procedures specific to hospitality operations &#8211; minimizing guest notification delays and protecting reputation during security events.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><!-- Front Desk Vulnerability CTA --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"35\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td style=\"border: 3px solid #ef3f37\" align=\"center\">\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: 900;margin: 0 0 15px 0\">\u26a0\ufe0f Is Your Front Desk Vulnerable to &#8220;Fake Update&#8221; Scams?<\/h3>\n<p style=\"margin: 0 0 20px 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.15em;line-height: 1.7;color: #002f44\">Don&#8217;t let ClickFix compromise guest data and destroy your reputation. We can assess your front-desk security in 24 hours.<\/p>\n<p style=\"margin: 0\"><a style=\"background-color: #ef3f37;color: white;padding: 18px 40px;text-decoration: none;border-radius: 50px;font-family: 'Avenir', Arial, sans-serif;font-weight: bold;font-size: 1.2em\" href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/contact-us\/\">Schedule Security Awareness Training<\/a><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr style=\"border: none;border-top: 2px solid #d0dadf;margin: 50px 0\" \/>\n<p><!-- Main CTA Section --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"45\" bgcolor=\"#ef3f37\">\n<tbody>\n<tr>\n<td align=\"center\">\n<h2 style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 2.2em;font-weight: 900;margin: 0 0 20px 0\">Protect Your Hotel from ClickFix Attacks<\/h2>\n<p style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.2em;margin: 0 0 15px 0;line-height: 1.6\">Get specialized hospitality cybersecurity that protects guest data, Booking.com credentials, and your reputation.<\/p>\n<p style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1.15em;margin: 0 0 25px 0;font-weight: 600\">CMIT Solutions: Trusted by Las Vegas Hotels, Casinos, and Hospitality Groups<\/p>\n<table style=\"margin: 25px auto\" border=\"0\" cellspacing=\"0\" cellpadding=\"15\">\n<tbody>\n<tr>\n<td style=\"border-radius: 50px;padding: 5px 20px\" bgcolor=\"#002f44\">\n<p style=\"margin: 0;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: bold;color: white\">\ud83d\udcde <a style=\"color: white;text-decoration: none\" href=\"tel:702-725-2877\">702-725-2877<\/a><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"margin: 25px 0\"><a style=\"background-color: #002f44;color: white;padding: 18px 40px;text-decoration: none;border-radius: 50px;font-family: 'Avenir', Arial, sans-serif;font-weight: bold;font-size: 1.2em\" href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/contact-us\/\">Request Hospitality Security Assessment<\/a><\/p>\n<p style=\"color: white;font-family: 'Avenir', Arial, sans-serif;font-size: 1em;margin: 25px 0 0 0\"><a style=\"color: white;text-decoration: underline\" href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\">cmitsolutions.com\/lasvegas-nv-1206<\/a><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><!-- Key Takeaways --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"30\" bgcolor=\"#f4f8fa\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.6em;font-weight: 900;margin-top: 0\">Key Takeaways for Hospitality Operations:<\/h3>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"8\">\n<tbody>\n<tr>\n<td valign=\"top\" width=\"3%\"><strong style=\"color: #ef3f37\">\u26a0<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>ClickFix targets hospitality sector<\/strong> &#8211; Copy-paste PowerShell scam specifically designed for hotels, casinos, and transportation<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37\">\u26a0<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Bypasses email filters<\/strong> &#8211; Malicious code never sent via email, users paste it themselves after fake error messages<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37\">\u26a0<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Session token theft<\/strong> &#8211; Steals Booking.com, Expedia credentials allowing hackers to impersonate staff and commit fraud<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #ef3f37\">\u26a0<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Guest fraud risk<\/strong> &#8211; Attackers message future guests demanding payment, causing reputation damage and revenue loss<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e\">\u2713<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Disable PowerShell for front-desk staff<\/strong> &#8211; Most hospitality employees never need command line access<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e\">\u2713<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Never copy-paste &#8220;fixes&#8221;<\/strong> &#8211; No legitimate error message asks users to paste code into PowerShell<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e\">\u2713<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>Monitor mshta.exe activity<\/strong> &#8211; Block Microsoft HTML Application Host from making outbound connections<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\"><strong style=\"color: #2fb17e\">\u2713<\/strong><\/td>\n<td style=\"font-family: 'Avenir', Arial, sans-serif;line-height: 1.8;color: #002f44\"><strong>CMIT Solutions provides hospitality-focused training<\/strong> and front-desk security for Las Vegas hotels and casinos<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><!-- Source Attribution --><\/p>\n<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"20\">\n<tbody>\n<tr>\n<td>\n<h3 style=\"color: #002f44;font-family: 'Avenir', Arial, sans-serif;font-size: 1.3em;font-weight: 900;margin: 0 0 10px 0\">6. Source &amp; Technical Analysis<\/h3>\n<p style=\"font-family: 'Avenir', Arial, sans-serif;font-size: 0.95em;color: #9ba8b1;margin: 0;font-style: italic\">Read the technical breakdown of the ClickFix campaign targeting hospitality here: <a style=\"color: #002f44;text-decoration: underline\" href=\"https:\/\/thehackernews.com\/2025\/11\/large-scale-clickfix-phishing-attacks.html\" target=\"_blank\" rel=\"noopener noreferrer\">The Hacker News: Large-Scale ClickFix Phishing Attacks Target Transport and Hospitality Sectors<\/a><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/article>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;The &#8216;ClickFix&#8217; campaign uses a psychological trick: it presents a fake &#8216;Browser Error&#8217; and asks the user to copy-paste a &#8216;Fix&#8217; script. This bypasses standard antivirus by making the user the hacker.&#8221;<\/p>\n","protected":false},"author":1008,"featured_media":1249,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-local-it"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.9.10 - aioseo.com -->\n\t<meta name=\"description\" content=\"A massive &quot;ClickFix&quot; phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"alopez\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.9.10\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Las Vegas, NV 1206 | CMIT Solutions\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\" \/>\n\t\t<meta property=\"og:description\" content=\"A massive &quot;ClickFix&quot; phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2026-02-11T06:28:17+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-02-11T06:28:17+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=61565701510916\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@2adamlopez\" \/>\n\t\t<meta name=\"twitter:title\" content=\"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\" \/>\n\t\t<meta name=\"twitter:description\" content=\"A massive &quot;ClickFix&quot; phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@2adamlopez\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#blogposting\",\"name\":\"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\",\"headline\":\"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\",\"author\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/author\\\/alopez\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/wp-content\\\/uploads\\\/sites\\\/222\\\/2026\\\/02\\\/ClickFix-phishing-attack-Las-Vegas.png\",\"width\":1024,\"height\":1024,\"caption\":\"Don't click \\\"Fix It.\\\" Hackers are using fake browser errors to steal login tokens from Las Vegas hotel staff. See how this \\\"social engineering\\\" attack works.\"},\"datePublished\":\"2026-02-11T00:28:17-06:00\",\"dateModified\":\"2026-02-11T00:28:17-06:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#webpage\"},\"articleSection\":\"Local IT\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/category\\\/local-it\\\/#listItem\",\"name\":\"Local IT\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/category\\\/local-it\\\/#listItem\",\"position\":2,\"name\":\"Local IT\",\"item\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/category\\\/local-it\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#listItem\",\"name\":\"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#listItem\",\"position\":3,\"name\":\"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/category\\\/local-it\\\/#listItem\",\"name\":\"Local IT\"}}]},{\"@type\":\"FAQPage\",\"mainEntity\":[{\"@type\":\"Question\",\"name\":\"What is the ClickFix phishing attack?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"ClickFix is a social engineering attack that mimics legitimate error messages (like Google Chrome updates or Word errors). It tricks users into copying malicious code to their clipboard and pasting it into PowerShell to 'fix' the issue.\"}},{\"@type\":\"Question\",\"name\":\"Does ClickFix target Las Vegas hotels?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Yes. Security researchers have identified the hospitality and transport sectors as primary targets. Attackers often compromise booking portals or use fake reservation confirmations to trigger the error pop-ups.\"}}]},{\"@type\":\"NewsArticle\",\"headline\":\"'ClickFix' Phishing Campaign Targets Las Vegas Hospitality\",\"image\":[\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/wp-content\\\/uploads\\\/sites\\\/1206\\\/clickfix-fake-update-scam.jpg\"],\"datePublished\":\"2026-02-10T08:00:00+08:00\",\"dateModified\":\"2026-02-10T09:30:00+08:00\",\"author\":{\"@type\":\"Person\",\"name\":\"Adam Lopez\",\"jobTitle\":\"Owner, CMIT Solutions of Las Vegas\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/about-us\\\/\"},\"publisher\":{\"@type\":\"Organization\",\"name\":\"CMIT Solutions of Las Vegas\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/wp-content\\\/uploads\\\/sites\\\/1206\\\/2019\\\/12\\\/cmit-logo-square.png\"}},\"description\":\"A new 'ClickFix' social engineering attack is targeting hotel and transport staff with fake browser errors, tricking them into running malicious PowerShell scripts.\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#organization\",\"name\":\"CMIT Solutions Las Vegas\",\"description\":\"CMIT Solutions of Las Vegas provides managed IT services, cybersecurity, 24.7 help desk support, on-site technical help, compliance management, and full IT management for small and mid-size businesses across Las Vegas.\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/\",\"email\":\"adam.lopez@cmitsolutions.com\",\"telephone\":\"+17027252877\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/wp-content\\\/uploads\\\/sites\\\/222\\\/2025\\\/11\\\/CMIT-SOlutions-of-Las-Vegas-Logo.png\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#organizationLogo\",\"width\":1024,\"height\":1024,\"caption\":\"CMIT Solutions Las Vegas\"},\"image\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=61565701510916\",\"https:\\\/\\\/x.com\\\/2adamlopez\",\"https:\\\/\\\/www.instagram.com\\\/cmitlasvegas\\\/\",\"https:\\\/\\\/www.tiktok.com\\\/@lasvegasit\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/73245673\"],\"address\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#postaladdress\",\"@type\":\"PostalAddress\",\"streetAddress\":\"3111 S. Valley View Blvd, Suite A205\",\"postalCode\":\"89102\",\"addressLocality\":\"Las Vegas\",\"addressRegion\":\"Nevada\",\"addressCountry\":\"US\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/author\\\/alopez\\\/#author\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/author\\\/alopez\\\/\",\"name\":\"alopez\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ce698654ad0e8747a29b590c63d466057ce41c61fdd40faf3fc697dbab6006b5?s=96&d=mm&r=g\",\"width\":96,\"height\":96,\"caption\":\"alopez\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#webpage\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/\",\"name\":\"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\",\"description\":\"A massive \\\"ClickFix\\\" phishing campaign is targeting hotels and hospitality. Scammers use fake Google\\\/Microsoft error pop-ups to steal credentials. See the warning signs.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/author\\\/alopez\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/author\\\/alopez\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/wp-content\\\/uploads\\\/sites\\\/222\\\/2026\\\/02\\\/ClickFix-phishing-attack-Las-Vegas.png\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#mainImage\",\"width\":1024,\"height\":1024,\"caption\":\"Don't click \\\"Fix It.\\\" Hackers are using fake browser errors to steal login tokens from Las Vegas hotel staff. See how this \\\"social engineering\\\" attack works.\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/blog\\\/clickfix-phishing-hospitality-threat-alert\\\/#mainImage\"},\"datePublished\":\"2026-02-11T00:28:17-06:00\",\"dateModified\":\"2026-02-11T00:28:17-06:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#website\",\"url\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/\",\"name\":\"CMIT Solutions Las Vegas\",\"description\":\"CMIT Solutions\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/cmitsolutions.com\\\/lasvegas-nv-1206\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality<\/title>\n\n","aioseo_head_json":{"title":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","description":"A massive \"ClickFix\" phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.","canonical_url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#blogposting","name":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","headline":"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","author":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/author\/alopez\/#author"},"publisher":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2026\/02\/ClickFix-phishing-attack-Las-Vegas.png","width":1024,"height":1024,"caption":"Don't click \"Fix It.\" Hackers are using fake browser errors to steal login tokens from Las Vegas hotel staff. See how this \"social engineering\" attack works."},"datePublished":"2026-02-11T00:28:17-06:00","dateModified":"2026-02-11T00:28:17-06:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#webpage"},"isPartOf":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#webpage"},"articleSection":"Local IT"},{"@type":"BreadcrumbList","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206#listItem","position":1,"name":"Home","item":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206","nextItem":{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/#listItem","name":"Local IT"}},{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/#listItem","position":2,"name":"Local IT","item":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#listItem","name":"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#listItem","position":3,"name":"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","previousItem":{"@type":"ListItem","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/#listItem","name":"Local IT"}}]},{"@type":"FAQPage","mainEntity":[{"@type":"Question","name":"What is the ClickFix phishing attack?","acceptedAnswer":{"@type":"Answer","text":"ClickFix is a social engineering attack that mimics legitimate error messages (like Google Chrome updates or Word errors). It tricks users into copying malicious code to their clipboard and pasting it into PowerShell to 'fix' the issue."}},{"@type":"Question","name":"Does ClickFix target Las Vegas hotels?","acceptedAnswer":{"@type":"Answer","text":"Yes. Security researchers have identified the hospitality and transport sectors as primary targets. Attackers often compromise booking portals or use fake reservation confirmations to trigger the error pop-ups."}}]},{"@type":"NewsArticle","headline":"'ClickFix' Phishing Campaign Targets Las Vegas Hospitality","image":["https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/1206\/clickfix-fake-update-scam.jpg"],"datePublished":"2026-02-10T08:00:00+08:00","dateModified":"2026-02-10T09:30:00+08:00","author":{"@type":"Person","name":"Adam Lopez","jobTitle":"Owner, CMIT Solutions of Las Vegas","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/about-us\/"},"publisher":{"@type":"Organization","name":"CMIT Solutions of Las Vegas","logo":{"@type":"ImageObject","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/1206\/2019\/12\/cmit-logo-square.png"}},"description":"A new 'ClickFix' social engineering attack is targeting hotel and transport staff with fake browser errors, tricking them into running malicious PowerShell scripts."},{"@type":"Organization","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#organization","name":"CMIT Solutions Las Vegas","description":"CMIT Solutions of Las Vegas provides managed IT services, cybersecurity, 24.7 help desk support, on-site technical help, compliance management, and full IT management for small and mid-size businesses across Las Vegas.","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/","email":"adam.lopez@cmitsolutions.com","telephone":"+17027252877","logo":{"@type":"ImageObject","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#organizationLogo","width":1024,"height":1024,"caption":"CMIT Solutions Las Vegas"},"image":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#organizationLogo"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=61565701510916","https:\/\/x.com\/2adamlopez","https:\/\/www.instagram.com\/cmitlasvegas\/","https:\/\/www.tiktok.com\/@lasvegasit","https:\/\/www.linkedin.com\/company\/73245673"],"address":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#postaladdress","@type":"PostalAddress","streetAddress":"3111 S. Valley View Blvd, Suite A205","postalCode":"89102","addressLocality":"Las Vegas","addressRegion":"Nevada","addressCountry":"US"}},{"@type":"Person","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/author\/alopez\/#author","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/author\/alopez\/","name":"alopez","image":{"@type":"ImageObject","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/ce698654ad0e8747a29b590c63d466057ce41c61fdd40faf3fc697dbab6006b5?s=96&d=mm&r=g","width":96,"height":96,"caption":"alopez"}},{"@type":"WebPage","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#webpage","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/","name":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","description":"A massive \"ClickFix\" phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#website"},"breadcrumb":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#breadcrumblist"},"author":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/author\/alopez\/#author"},"creator":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/author\/alopez\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2026\/02\/ClickFix-phishing-attack-Las-Vegas.png","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#mainImage","width":1024,"height":1024,"caption":"Don't click \"Fix It.\" Hackers are using fake browser errors to steal login tokens from Las Vegas hotel staff. See how this \"social engineering\" attack works."},"primaryImageOfPage":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/#mainImage"},"datePublished":"2026-02-11T00:28:17-06:00","dateModified":"2026-02-11T00:28:17-06:00"},{"@type":"WebSite","@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#website","url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/","name":"CMIT Solutions Las Vegas","description":"CMIT Solutions","inLanguage":"en-US","publisher":{"@id":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/#organization"}}]},"og:locale":"en_US","og:site_name":"Las Vegas, NV 1206 | CMIT Solutions","og:type":"article","og:title":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","og:description":"A massive &quot;ClickFix&quot; phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.","og:url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/","og:image":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png","og:image:secure_url":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png","og:image:width":1024,"og:image:height":1024,"article:published_time":"2026-02-11T06:28:17+00:00","article:modified_time":"2026-02-11T06:28:17+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=61565701510916","twitter:card":"summary_large_image","twitter:site":"@2adamlopez","twitter:title":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","twitter:description":"A massive &quot;ClickFix&quot; phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.","twitter:creator":"@2adamlopez","twitter:image":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/222\/2025\/11\/CMIT-SOlutions-of-Las-Vegas-Logo.png"},"aioseo_meta_data":{"post_id":"1248","title":"ClickFix Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","description":"A massive \"ClickFix\" phishing campaign is targeting hotels and hospitality. Scammers use fake Google\/Microsoft error pop-ups to steal credentials. See the warning signs.","keywords":null,"keyphrases":{"focus":{"keyphrase":"ClickFix phishing attack Las Vegas","score":32,"analysis":{"keyphraseInTitle":{"score":3,"maxScore":9,"error":1},"keyphraseInDescription":{"score":3,"maxScore":9,"error":1},"keyphraseLength":{"score":6,"maxScore":9,"error":1,"length":5},"keyphraseInURL":{"score":1,"maxScore":5,"error":1},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInSubHeadings":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":[],"keywordDensity":{"score":0,"type":"low","maxScore":9,"error":1}}},"additional":[{"keyphrase":"Fake Google Chrome update scam","score":33,"analysis":{"keyphraseInDescription":{"score":3,"maxScore":9,"error":1},"keyphraseLength":{"score":6,"maxScore":9,"error":1,"length":5},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":[],"keywordDensity":{"score":0,"type":"low","maxScore":9,"error":1}}},{"keyphrase":"hospitality cybersecurity threats","score":42,"analysis":{"keyphraseInDescription":{"score":3,"maxScore":9,"error":1},"keyphraseLength":{"score":9,"maxScore":9,"error":0,"length":3},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":[],"keywordDensity":{"score":0,"type":"low","maxScore":9,"error":1}}},{"keyphrase":"Booking.com phishing campaign","score":42,"analysis":{"keyphraseInDescription":{"score":3,"maxScore":9,"error":1},"keyphraseLength":{"score":9,"maxScore":9,"error":0,"length":3},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":[],"keywordDensity":{"score":0,"type":"low","maxScore":9,"error":1}}},{"keyphrase":"PowerShell script malware","score":42,"analysis":{"keyphraseInDescription":{"score":3,"maxScore":9,"error":1},"keyphraseLength":{"score":9,"maxScore":9,"error":0,"length":3},"keyphraseInIntroduction":{"score":3,"maxScore":9,"error":1},"keyphraseInImageAlt":[],"keywordDensity":{"score":0,"type":"low","maxScore":9,"error":1}}}]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[{"id":"#aioseo-custom-mlhn1ian","custom":true,"graphName":"FAQPage","schema":"{ \"@type\": \"FAQPage\", \"mainEntity\": [ { \"@type\": \"Question\", \"name\": \"What is the ClickFix phishing attack?\", \"acceptedAnswer\": { \"@type\": \"Answer\", \"text\": \"ClickFix is a social engineering attack that mimics legitimate error messages (like Google Chrome updates or Word errors). It tricks users into copying malicious code to their clipboard and pasting it into PowerShell to 'fix' the issue.\" } }, { \"@type\": \"Question\", \"name\": \"Does ClickFix target Las Vegas hotels?\", \"acceptedAnswer\": { \"@type\": \"Answer\", \"text\": \"Yes. Security researchers have identified the hospitality and transport sectors as primary targets. Attackers often compromise booking portals or use fake reservation confirmations to trigger the error pop-ups.\" } } ] }"},{"id":"#aioseo-custom-mlhn19rm","custom":true,"graphName":"NewsArticle","schema":"{ \"@type\": \"NewsArticle\", \"headline\": \"'ClickFix' Phishing Campaign Targets Las Vegas Hospitality\", \"image\": [ \"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/1206\/clickfix-fake-update-scam.jpg\" ], \"datePublished\": \"2026-02-10T08:00:00+08:00\", \"dateModified\": \"2026-02-10T09:30:00+08:00\", \"author\": { \"@type\": \"Person\", \"name\": \"Adam Lopez\", \"jobTitle\": \"Owner, CMIT Solutions of Las Vegas\", \"url\": \"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/about-us\/\" }, \"publisher\": { \"@type\": \"Organization\", \"name\": \"CMIT Solutions of Las Vegas\", \"logo\": { \"@type\": \"ImageObject\", \"url\": \"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-content\/uploads\/sites\/1206\/2019\/12\/cmit-logo-square.png\" } }, \"description\": \"A new 'ClickFix' social engineering attack is targeting hotel and transport staff with fake browser errors, tricking them into running malicious PowerShell scripts.\" }"}],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"open_ai":null,"ai":{"faqs":[],"keyPoints":[],"titles":[],"descriptions":[],"socialPosts":{"email":[],"linkedin":[],"twitter":[],"facebook":[],"instagram":[]}},"created":"2026-02-11 06:14:27","updated":"2026-05-13 05:08:04","seo_analyzer_scan_date":"2026-05-13 05:08:04"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/\" title=\"Local IT\">Local IT<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\tClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206"},{"label":"Local IT","link":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/category\/local-it\/"},{"label":"ClickFix- Phishing Alert: The New Fake Update Threat Targeting Las Vegas Hospitality","link":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/blog\/clickfix-phishing-hospitality-threat-alert\/"}],"_links":{"self":[{"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/posts\/1248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/users\/1008"}],"replies":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/comments?post=1248"}],"version-history":[{"count":0,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/posts\/1248\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/media\/1249"}],"wp:attachment":[{"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/media?parent=1248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/categories?post=1248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cmitsolutions.com\/lasvegas-nv-1206\/wp-json\/wp\/v2\/tags?post=1248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}