Beware of fake Reddit solutions delivering dangerous malware

In these cases, adding Reddit to your search query can be a game changer. Nine times out of 10, someone on Reddit has faced the same issue, and there's probably a solution. 

But bad actors have caught on to this, too. They're now mimicking Reddit to spread malware that can steal your personal information.

On these fake Reddit pages, attackers create a fabricated discussion where one user asks for help downloading a tool, another offers a WeTransfer link and a third expresses gratitude to make the exchange seem real. Clicking the link redirects victims to a counterfeit WeTransfer site, where the download button delivers the Lumma Stealer malware.

All these fake pages have the following things in common:

Hackers are using fake Reddit pages to spread Lumma Stealer, a powerful malware designed to steal personal data while staying under the radar. Once it infects a device, it can grab passwords stored in web browsers and session tokens, allowing attackers to hijack accounts without even needing a password.

1. Be cautious with download links: Avoid downloading files from random Reddit discussions, social media messages or unfamiliar websites. If an unknown user shares the link or seems out of place in the context, it's better to err on the side of caution. If the link is directing you to a file-sharing site like WeTransfer or Google Drive, double-check the URL for any signs of manipulation-like random characters added to the domain name.

3. Verify website URLs: Fake websites often look convincing but have slight differences in their URLs. Check for misspellings, extra characters or unusual domains (e.g., ".org" or ".net" instead of the official ".com").

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.