Fake Google Meet update lets hackers control your Windows PCs

You mightiness deliberation nan biggest threat online is downloading a virus aliases giving distant your password. But a caller phishing instrumentality shows really attackers tin return power of your machine without either of those things happening. Security researchers precocious uncovered a fake Google Meet update page that looks convincing capable to fool galore people. All it takes is 1 click connected a fastener that says "Update now."  Instead of installing an update, you tin beryllium tricked into enrolling your Windows machine successful a distant guidance strategy controlled by attackers.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – free erstwhile you subordinate my CYBERGUY.COM newsletter.

TECH GIANTS UNITE TO FIGHT ONLINE SCAMS
 

A clone Google Meet update page tin instrumentality Windows users into handing attackers distant power of their computers done a built-in instrumentality enrollment feature. (pocketlight/Getty Images)

All you request to cognize astir nan clone Google Meet update

Researchers astatine Malwarebytes, a cybersecurity institution that develops package to observe and region malware, discovered a phishing website designed to look for illustration an charismatic update announcement for Google Meet. The page tells visitors that they request to instal nan latest type of Meet to proceed utilizing nan service. The creation uses acquainted colors and branding that galore of america subordinate pinch Google products.

When personification clicks nan "Update now" button, it does not download an update astatine all. Instead, it triggers a built-in Windows feature utilizing a typical instrumentality enrollment nexus that opens a existent strategy model called "Set up a activity aliases schoolhouse account." This model usually appears erstwhile a company's IT section sets up a laptop for an employee.

In this scam, nan setup model is already filled pinch accusation that connects nan machine to a distant guidance server controlled by nan attacker. The strategy points to an online guidance work hosted connected Esper, which is simply a morganatic level utilized by businesses to negociate institution devices.

If nan unfortunate clicks done nan setup process, their machine becomes enrolled successful what is called a mobile instrumentality guidance system. That gives whoever controls nan server nan aforesaid level of power a company's IT section would person complete a activity laptop.

Security researchers opportunity nan attackers are not expecting everyone to complete nan process. Even if only a mini number of group click done nan prompts, that tin still springiness them entree to capable computers to make nan run worthwhile.

How it useful and why it matters to you

This onslaught useful by abusing a morganatic Windows characteristic alternatively than installing malware. Windows includes thing called instrumentality enrollment, which lets companies link worker computers to a guidance system. Once a instrumentality is enrolled, administrators tin remotely power galore aspects of that machine.

In a normal workplace setting, this helps IT teams instal institution software, enforce information settings, and negociate devices. Attackers realized they could instrumentality group into joining their ain guidance strategy instead. When you click nan clone update button, Windows launches a built-in enrollment process. Because it is simply a existent strategy characteristic and not a clone pop-up, it looks morganatic and tin bypass galore information warnings.

If you complete nan steps, the attacker efficaciously becomes nan administrator of your computer. That could let them to silently instal software, alteration strategy settings, position files stored connected your computer, fastener your screen, aliases moreover swipe nan instrumentality entirely. In immoderate cases, they could besides instal further malware later. What makes this onslaught particularly tricky is that accepted antivirus devices whitethorn not observe thing incorrect because nan operating strategy itself is performing nan actions.

We reached retired to Google for comment, and a spokesperson provided nan pursuing statement: "These 'update now' prompts are not morganatic Google communications. This is simply a phishing run that attempts to instrumentality users into a Windows instrumentality enrollment process. Google Meet updates are handled automatically done your browser aliases nan charismatic app—Google will ne'er punctual you to sojourn a third-party tract to enroll a individual instrumentality to person an update." 

FAKE GOOGLE SECURITY PAGE CAN TURN YOUR BROWSER INTO A SPYING TOOL
 

Instead of downloading malware, victims who click done a clone update page whitethorn unknowingly springiness attackers administrator-level entree to their Windows devices. (Beata Zawrzel/NurPhoto via Getty Images)

7 ways to protect yourself from nan clone Google Meet update

If you ever spot a connection saying you must update a work earlier continuing, slow down and verify it first. A fewer elemental habits tin forestall attacks for illustration this from working.

1) Be skeptical of unexpected update prompts

If a website abruptly tells you that a work for illustration Google Meet needs an update earlier you tin continue, region for a moment. Major platforms seldom unit updates done random web pages. Google Meet updates hap automatically done your browser aliases charismatic app and ne'er require visiting a third-party site. Always cheque nan URL bar. Legitimate Google Meet sessions only tally on meet.google.com. A existent update will ne'er effort to enroll your full machine aliases trigger system-level setup screens. If it does, it is simply a scam. Instead, unfastened nan work straight from its charismatic website aliases app and cheque for updates there.

2) Check if your instrumentality was enrolled without your knowledge

On a Windows computer, unfastened Settings, past spell to Accounts and look for "Access activity aliases school." If you spot an unfamiliar relationship aliases statement listed, particularly 1 you do not recognize, disconnect it immediately. This conception shows whether your instrumentality has been enrolled successful a distant guidance system.

3) Reduce your vulnerability pinch a information removal service

Cybercriminals often trust connected individual accusation recovered online to make phishing attacks much convincing. Data removal services thief region your accusation from information agent sites, reducing nan chances that scammers tin target you pinch personalized attacks. While it will not extremity this circumstantial trick, it tin make you a harder target overall. Check retired my apical picks for information removal services and get a free scan to find retired if your individual accusation is already retired connected nan web by visiting Cyberguy.com.

4) Use beardown antivirus software

Google says Gmail's AI protections artifact much than 99.9% of spam, phishing, and malware, but scams tin still scope you done hunt results, ads, aliases links shared extracurricular your inbox. That's why utilizing strong antivirus software pinch real-time protection tin thief observe suspicious behaviour that whitethorn look aft an attacker gains power of a device. Even though this onslaught uses morganatic Windows features, information devices tin still place different strategy changes aliases malicious package installed afterward. Get my picks for nan champion 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

DARKSWORD LEAK PUTS MILLIONS OF IPHONE USERS AT RISK
 

Security researchers uncovered a phishing scam that uses a clone Google Meet update punctual to enroll individual computers into attacker-controlled distant guidance systems. (400tmax/Getty Images)

5) Keep Windows and your browser updated

Software updates often see information protections that thief artifact caller onslaught methods. Running nan latest type of Windows and your web browser reduces nan chances of attackers exploiting older strategy behaviors aliases vulnerabilities.

6) Use a password manager

A password head only autofills your login specifications connected nan correct website address. If you onshore connected a phishing page pretending to beryllium a work for illustration Google Meet, your password head will not capable successful your information. That informing unsocial tin thief you recognize thing is incorrect earlier you click anything. It besides encourages you to trust connected saved logins alternatively of interacting pinch suspicious update prompts. Check retired nan champion expert-reviewed password managers of 2026 at Cyberguy.com.

7) Never complete strategy setup prompts you didn't start

If a Windows strategy model abruptly appears asking you to group up a activity aliases schoolhouse account, extremity immediately. Legitimate setup prompts typically look erstwhile you are configuring a instrumentality aliases pursuing instructions from your employer, not from clicking a random website. If you did not expect it, adjacent nan window.

Kurt's cardinal takeaway

Cybercrime is changing by nan minute. Instead of penning evident viruses, attackers are progressively abusing morganatic features built into operating systems and unreality services. In this case, some Windows instrumentality enrollment and nan guidance level being utilized are existent devices designed for businesses. The attackers simply redirected those devices toward group who ne'er intended to manus complete power of their computers. That should show you really easy powerful endeavor features tin beryllium repurposed for attacks erstwhile location are fewer safeguards preventing misuse.

Should operating systems artifact instrumentality enrollment requests that travel from random websites? Let america cognize by penning to america at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – free erstwhile you subordinate my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All authorities reserved.