Often, a pretend update prompt will pop up on Google Chrome through a “compromised website” with a clipboard message to “copy the code” provided. It then instructs personal computer owners to open PowerShell — a Microsoft program for scripts — and self-paste in the malware.