14 DAY TRIAL // Crooks can be very creative when it comes to luring unsuspecting users into their traps, and in a recent campaign, they prey on curiosity to steer the potential victim to malicious online locations.
Accessing a page claiming to play a video that is not intended for mass viewing is quite a lure, but in this case, a click leads to a trap designed to help cybercriminals make some easy money.
Landing on the “Private Video” location, which imitates a YouTube page, is generally carried out through posts on social networking websites, but other methods can also be employed.
Christopher Boyd of Malwarebytes has observed that, in order to drive the user to the malicious page, the crooks try to deceive them with a message informing that Flash Player has crashed and that an update is necessary; alternatively, age verification is necessary.
No matter the pretext, users always land on a dodgy page, that either delivers a malicious file or asks them to complete an online survey.
Boyd says that, in one of the cases, scammers relied on the cost-per-action (CPA) advertising model to make some money.
CPA is an online advertising model which involves the advertiser paying money for a specific action (clicking on a banner, installing a piece of software, etc.).
Crooks set up pages with advertisments and then try to lure in as many victims as possible to click on them, thus filling their pockets in an automated process that does not require too much effort from their part.
The security researcher also noticed that some of the scams pushed various software to the user, such as browser add-ons, sometimes served from storage locations of reputable cloud services. However, most of them had already been taken down, so no analysis could be made.
Users are advised to refrain their curiosity in order to avoid falling into the trap. Behind all sort of fake barriers most often lies malicious software that could lead not just to surveys and advertising scams, but also to leaking private information from the computer.
“Racy and salacious movie clips which have been placed behind a fake barrier are one of the oldest tricks in the book – readers are advised to ensure the URL they’re on actually is Facebook / YouTube, refuse any and all offers of ‘upgrading flash’ to view a video and never be enticed by ‘adult content’ which requires installs,” says Boyd in a blog post.