Copying and pasting text is something we all do countless times a day. But what if that innocent action could be the gateway for cyber criminals to compromise your data, steal your credentials, or infect your device? In recent years, malicious actors have increasingly exploited this everyday habit to launch targeted attacks - and Australians are not immune.

How It Works

Cyber criminals often embed hidden code or dangerous commands into text that appears harmless. This technique can be particularly effective in:

• Command Line Instructions: If you copy and paste a command from a forum or tutorial into your terminal or console, it may contain hidden code that gives attackers control of your system.
• Web Forms and Scripts: Text copied from emails, messaging apps, or dodgy websites can include embedded scripts that execute once pasted into a vulnerable application.
• Clipboard Hijacking: Some malware can monitor your clipboard and replace its contents - for example, changing a bank account number to the attacker's details.

Example - TRY IT YOURSELF

For example, if you were searching for a way to update your Linux computer, you may find a solution with a command like the one below that you can copy and paste into your terminal session.

Try and copy the command below:

sudo apt update && sudo apt upgrade

Now paste what you have copied into the below text-box:

As you can see, the pasted text is not the same as what you thought you were copying. And even if you did happen to notice that it is not the same command, it also added a new-line character at the end. If that would be pasted directly into a terminal session, the malicious command will be automatically executed.

How to Stay Safe

• Always Understand What You're Pasting: Don't paste commands you don't fully understand, especially those involving system privileges.
• Verify Sources: Only use instructions from trusted, reputable websites. Be cautious of forums and social media posts.
• Use Plain Text Editors: When copying from websites, paste the text into a plain text editor (like Notepad) first to remove formatting and hidden characters.
• Keep Software Updated: Ensure your operating system and antivirus software are always kept up-to-date.
• Use Clipboard Managers Carefully: Some third-party applications may introduce more risk than protection if not vetted.