A finance employee is booking a restaurant for a team dinner. The reservation site asks her to verify she is human. She has done this a thousand times. The page tells her to press the Windows key and R, paste what is already on her clipboard, and hit Enter. She does it without thinking. There is no download, no attachment, no warning from her antivirus. The verification box disappears and the site loads normally. Nothing seems wrong. What actually happened is that she just ran a PowerShell command that installed an information stealer on her machine. Within minutes, her browser cookies, saved passwords, and active session tokens are on their way to a server she will never see. No malware got past the email filter, because nothing arrived by email. No file triggered the endpoint agent, because she typed the command in herself. This is ClickFix, and in the space of about eighteen months it has gone from a curiosity to the single most common way attackers gain initial access.…