How to Spot a Clubhouse Download That Is Actually Malware

How to Spot a Clubhouse Download That Is Actually Malware

Thanks to Clubhouse, and every service now making a clone/competitor to Clubhouse, it might feel a little lonely to be a person who isn’t allowed to hang out where all the growth marketers cool kids are hanging out.

Steel your resolve, though, because there are people who want to take advantage of your social grief and redirect you to what-should-be-obvious malware in your quest to get into Clubhouse. At least, that’s exactly what has happened on Facebook over the past few days.

As TechCrunch reports, a bunch of crafty, crappy attackers launched ads for a fake Clubhouse for PC program. These ads, when clicked on, took people to a fairly convincing recreation of a real Clubhouse website, complete with a mockup of what a Clubhouse PC app might look like.

Of course, downloading it infected your system with malware instead of giving you access to something that doesn’t actually exist.

The good news is that the fake Clubhouse sites have all gone offline, and the malware no longer works — great news, in fact, if you accidentally slapped it on your system. However, if you clicked on any of these links, I don’t think malware is the biggest issue you have to be concerned about.

Clubhouse is a new thing, and if you’re not in on it then you might be annoyed. But don’t let your jealousy disrupt your common sense. First, don’t click on ads to download anything, as it’s just too easy to make a completely bogus ad. If you want to follow a particular app or service’s development, sign up for the company’s official social media channels. That way, if said company releases something new, you’ll know about it; trust me.

I didn’t get a chance to check out the website in question before they were taken down, but the URLs within the ads are typically also a giveaway: joinclubhouse-pc.com. All it takes is a simple web search for the word “Clubhouse” to see that joinclubhouse.com is the actual URL. The service is still in an invite-only beta, and there’s no PC app to download whatsoever.

The takeaway? It’s the exact same advice we’d give whenever you receive an unsolicited message, email, file, hyperlink, or anything else that you weren’t expecting, but that some other party is asking you to take an action on: Don’t do it. Don’t open that “job description” pack on LinkedIn that someone you don’t know sent you. Don’t open a “click here” hyperlink a friend messaged you out of the blue if you haven’t checked where you’re actually going. And don’t click on ads in hopes that the featured app, company, or service is actually behind it.

Log in to comment on this story!