A few years ago, it became a "life hack" to add the word "Reddit" at the end of a search term for something you want help with (at least, before Google began serving Reddit posts higher than usual). The idea is that whatever problem you have, there are ten Reddit threads from days past that have threads full of troubleshooting tips, advice, solutions, and tools to fix your issue. Well, it seems that the life hack is being used against us, as scammers now use fake Reddit websites to peddle malware.

Fake Reddit websites offering "solutions" are infecting people with malware

As spotted by crep1x on X, fake Reddit threads are popping up around the internet that claim to fix a specific issue. In the phony thread, a user claims that they have the solution and posts a link to a tool. The original poster then replies to the comment, claiming that the download fixed the issue.

Of course, these aren't real people; it's just a setup to encourage you to click the link. If you do click it, you're taken to a fake WeTransfer clone that downloads the executable to your computer. This payload contains the Lumma Stealer malware, designed to steal and beam your sensitive information back to the program's owner.

Fortunately, the fake websites have telltale URLs that give away their real nature. For example, the fake Reddit thread that crep1x found used a .org domain instead of .com and had some random padding between the "Reddit" and the domain extension. As such, the next time you're Googling for a Reddit-based solution, give the URL a double-check before you click any links within.