The FBI issued an alert about fake online document‑conversion/download services that distribute malware and harvest credentials, potentially compromising crypto wallets and accounts. Authorities advise avoiding untrusted converters and scanning files before opening.

Federal authorities have flagged a surge in malicious document‑conversion websites that promise free file format changes but instead deliver malware capable of harvesting passwords, seed phrases and installing remote‑access tools or ransomware. The FBI warning, highlighted in recent reporting, explains that these fake converters exploit user trust: victims upload legitimate documents and receive infected downloads that silently exfiltrate credentials or install backdoors. Criminals then use harvested data for account takeovers, extortion or unauthorized crypto transfers. The alert emphasizes that malicious campaigns often leverage social engineering—fake invoices, HR documents or tax forms—to entice downloads. The FBI recommends using only well‑known conversion services, verifying site certificates, scanning downloaded files with up‑to‑date antivirus, and isolating suspicious files in a sandboxed environment. Organizations are urged to educate staff, block known bad domains at the network level, and report incidents to law enforcement and the FBI’s Internet Crime Complaint Center. The advisory underscores the broader shift toward supply‑chain tactics that weaponize everyday productivity workflows.