Beware of fake Reddit solutions delivering dangerous malware


Don't trust every Reddit solution you see

by Kurt Knutsson

Sometimes, when you need an answer to a complex life situation or a way to troubleshoot an error on your PC, regular articles on the web don’t help. Some issues are so niche that no one writes about them, and those who do often say nothing useful in a thousand words. In these cases, adding “Reddit” to your search query can be a game-changer. Nine times out of ten, someone on Reddit has faced the same issue, and there’s probably a solution. But bad actors have caught on to this, too – they’re now mimicking Reddit to spread malware that can steal your personal information.


What you need to know about fake Reddit pages

Hackers are operating nearly 1,000 fake websites that mimic Reddit and WeTransfer to spread the Lumma Stealer malware. These sites are designed to trick you into downloading malicious software by imitating legitimate discussions and file-sharing services.

On these fake Reddit pages, attackers create a fabricated discussion where one user asks for help downloading a tool, another offers a WeTransfer link, and a third expresses gratitude to make the exchange seem real. Clicking the link redirects victims to a counterfeit WeTransfer site, where the download button delivers the Lumma Stealer malware.

All these fake pages have the following things in common:

  • The websites include a brand name (like “Reddit” or “WeTransfer”) followed by random characters to appear legitimate at first glance.
  • They use “.org” or “.net” domains instead of the official one, which is “.com”.
  • The interface closely mimics the real sites to deceive users.
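
The first two traits in the list above can be turned into a simple hostname check. This is an added example, not code from the article or from the researchers it cites; the brand allowlist, the verdict names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only official domains are the ".com" ones the article names.
OFFICIAL = {"reddit": "reddit.com", "wetransfer": "wetransfer.com"}
SUSPECT_TLDS = {"org", "net"}  # TLDs the article says the fake pages use


def hostname_of(url: str) -> str:
    """Return the lowercase hostname; tolerate URLs pasted without a scheme."""
    if "://" not in url:
        url = "//" + url
    try:
        return (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:  # malformed netloc, e.g. unbalanced IPv6 brackets
        return ""


def classify(url: str) -> str:
    """Return 'official', 'lookalike-org-net', 'lookalike', 'unrelated' or 'invalid'."""
    host = hostname_of(url)
    if not host:
        return "invalid"
    # An exact match or a true subdomain of an official domain is legitimate.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL.values()):
        return "official"
    labels = host.split(".")
    # A brand at the start of any label catches "reddit-<random>.org" and also
    # the official name abused as a subdomain, "reddit.com.<other>.net".
    if any(label.startswith(brand) for label in labels for brand in OFFICIAL):
        return "lookalike-org-net" if labels[-1] in SUSPECT_TLDS else "lookalike"
    return "unrelated"


# Constructed sample URLs, not real indicators from the campaign.
SAMPLES = [
    "https://www.reddit.com/r/techsupport/",
    "https://wetransfer.com/downloads/abc",
    "https://reddit-x0example.org/thread",
    "wetransfer-x0example.net/download",
    "https://reddit.com.x0example.net/",
    "https://example.com/",
]


def flag(urls):
    """Return (url, verdict) pairs for every URL judged a lookalike."""
    return [(u, v) for u in urls if (v := classify(u)).startswith("lookalike")]
```

The check is a heuristic: it will also flag any brand-owned domain that is missing from the allowlist, so treat a hit as a prompt to inspect the link rather than as proof.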

These fake websites were discovered by Sekoia researcher crep1x, who compiled a full list of the pages involved in the scheme. In total, 529 of these sites mimic Reddit, while 407 impersonate WeTransfer to trick users into downloading malware.

According to BleepingComputer, hackers may be driving traffic to these fake pages through methods like malicious ads (malvertising), search engine manipulation (SEO poisoning), harmful websites, direct messages on social media, and other deceptive tactics.


The dangers of info-stealer malware

Hackers are using fake Reddit pages to spread Lumma Stealer, a powerful malware designed to steal personal data while staying under the radar. Once it infects a device, it can grab passwords stored in web browsers and session tokens—allowing attackers to hijack accounts without even needing a password.

But Reddit isn’t the only way this malware spreads. Hackers also push it through GitHub comments, deepfake websites, and shady online ads. Once they steal login credentials, they often sell them on hacker forums, where others can use them for further attacks.

This type of malware has already played a role in major security breaches, including attacks on PowerSchool, Hot Topic, CircleCI, and Snowflake. It’s a growing threat, especially for companies that rely on password-based security.


6 ways to protect yourself from info-stealing malware

1) Be cautious with download links: Avoid downloading files from random Reddit discussions, social media messages, or unfamiliar websites. If a link comes from an unknown user or seems out of place in the context, it’s better to err on the side of caution. If the link directs you to a file-sharing site like WeTransfer or Google Drive, double-check the URL for any signs of manipulation, like random characters added to the domain name.

2) Have strong antivirus software: Malicious links in these fake Reddit discussions install malware that can access your private information. The best way to safeguard yourself is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices.

 

3) Verify website URLs: Fake websites often look convincing but have slight differences in their URLs. Check for misspellings, extra characters, or unusual domains (e.g., “.org” or “.net” instead of the official “.com”).

 

4) Use strong, unique passwords and enable 2FA: A password manager can help generate and store strong passwords for each site. Meanwhile, enabling two-factor authentication (2FA) adds an extra layer of security, making it harder for attackers to hijack your accounts.

One of the best password managers out there is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.

Get more details about my best expert-reviewed Password Managers of 2025 here.

 

5) Keep your software updated: Regularly update your operating system, apps, browsers, and other software on your PC or mobile devices. Updates often include patches for security vulnerabilities that hackers can exploit.

 

6) Watch out for malvertising and SEO traps: Hackers manipulate search engine results and run deceptive ads to trick users into visiting fake sites. Stick to official sources and avoid clicking on ads or search results that seem too good to be true.

 


Kurt’s key takeaway

Hackers are getting sneakier, using fake Reddit and WeTransfer pages to spread dangerous malware like Lumma Stealer. These sites might look real, but they’re designed to steal your personal info. To stay safe, always double-check links and be cautious about downloading files from unfamiliar sources. Use strong, unique passwords, enable two-factor authentication, and keep your software updated to stay one step ahead of cybercriminals.

Have you ever encountered a suspicious link on Reddit or social media? How did you handle it? Let us know in the comments below.
