Appealing offers from strangers should be considered with skepticism

Jun 22, 2014 13:21 GMT

The Internet is filled with many temptations but, just like in real life, it does not offer free lunches; something always has to be given in return.

A link sent your way by an unknown party may put your money at risk of ending up in a cybercriminal’s hands. It can be wrapped up as a promise of viewing something attractive and interesting, or presented as a matter that requires urgent resolution.

In such cases, it is the social engineering component that matters the most because this is what convinces users to click on a link that gets them closer to losing their money.

Although many users consider them too old a trick to fall for, spam campaigns continue to be successful because they have grown more elaborate as far as delivery of the link is concerned.

Since filters and engines have increased their accuracy in identifying spam messages, professional scammers have upped their game and moved to more aggressive means of delivery.

Social networks are now the coveted target for spammers because they are built to spread the word as quickly as possible, and this is exactly what the crooks need.

The messages can still be spotted as fake, but there are plenty of naive users who can be taken advantage of, especially when they see that the messages come from one of their friends.

A compromised social network account allows the spammer to post anything on behalf of the user and thus tap a larger number of potential victims.

Spam is generally associated with unsolicited advertising but scam cases have grown more frequent, just as scammers have grown more organized.

One particular group, which tries to use every channel it can to distribute fake advertisements, uses the image of celebrities and even creates clones of popular websites with fake news claiming endorsement of the products it sells, to make the deceit look legitimate.

They target any service with message sharing options, all the better if sharing to other platforms is supported and enabled.

Phishing is a more dangerous form of attack that relies on social engineering to make the user click on a particular link. The goal in this case is not to make the victim shell out the money willingly, but to steal the credentials to the victim's bank account.

The modus operandi is similar to spamming, but the messages are crafted more carefully and, most of the time, the payload is delivered as an attachment. Open it and a door to your computer may open for the cybercriminals.

Baiting victims with a link leading to a malicious website is also prevalent in phishing campaigns and, depending on the vigilance of the user and the quality of the message used as a lure, it can be highly effective.

A phishing website is controlled by the crooks and impersonates a legitimate page, oftentimes that of a financial institution. It asks for sensitive information, and all the details entered are sent directly to the criminal.

Phishing websites have a short lifespan because of the different databases that collect malicious links and pass the new information on to web browsers, which block access to these locations.

However, cybercriminals have an entire arsenal of means to extract the details needed to empty bank accounts, such as scripts injected into ads to show pop-ups requiring fake updates, or compromised websites serving malicious content.

A link promising to take you to something extraordinary, or promising something too good to be true, should always be regarded with skepticism, especially if it comes from an unknown entity.