A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems.

A BSOD is a Windows crash screen displayed when the operating system encounters a fatal, unrecoverable error that causes it to halt.

In a new campaign first spotted in December and tracked by researchers at Securonix as “PHALT#BLYX,” phishing emails impersonating Booking.com led to a ClickFix social engineering attack that deployed malware.