As of March 27, a new warning has been issued regarding hazardous online

Important Update:
As of March 27, a new warning has been issued regarding hazardous online document conversion websites, amid reports of active campaigns targeting users.

The recent surge of FBI alerts directed at smartphone and computer users highlights a growing threat landscape. Whether it's Chinese hackers breaching U.S. networks or rampant toll scams, the situation continues to deteriorate.
Additionally, the rise of AI-powered attacks is set to exacerbate these risks significantly. Last week, I reported that the FBI is cautioning users about a scam involving "free online document converter tools." Criminals are employing these tools to install malware on victims' systems, which can lead to severe consequences, including ransomware attacks. The FBI has confirmed that this threat remains active, with many users still falling prey to these scams.

Bleeping Computer states, "FBI warnings are legitimate; fake file converters can indeed distribute malware." An FBI representative noted that scammers often imitate legitimate URLs by altering a single character, such as replacing 'CO' with 'INC.' Users searching for terms like 'free online file converter' are particularly at risk since search algorithms may include sponsored results that are scams. To combat these fraudsters, the FBI emphasizes the importance of educating the public to prevent individuals from becoming victims in the first place. While checking URLs and steering clear of sponsored search results is wise, the safest course of action is to avoid online document converters altogether and rely on established applications and platforms. While the FBI has not specified which websites to avoid, threat hunter Will Thomas has shared examples on X, and Malwarebytes has identified several recent domains involved in these scams.

The FBI warns that this threat is linked to the ongoing ransomware attacks targeting organizations across the U.S., both public and private, regardless of size. According to CBS News, "federal investigators believe that the file converter attack method may have contributed to the February ransomware incident at Lee Enterprises, a media company based in Davenport, Iowa, which operates outlets in over 70 small towns across the nation." In reality, free document converters pose similar risks to free apps that often trick users into downloading them with promises of basic functionality—like QR code scanning or document reading—while secretly installing malware or misusing device permissions to collect and transmit user data. Fred Chagnon from Info-Tech Research Group (via CSO Online) warns that the risks of using document converters extend beyond phishing. "Firstly, you cannot trust the integrity of the file you receive.

Even malicious services will perform the requested conversion for users." Forbes Daily: Join over a million subscribers for the latest stories, exclusive reporting, and essential analysis of the day's news delivered to your inbox every weekday.

Forbes