Clickbait malware sites

“You No Longer Need To Be A Member To Shop In Their Stores” (1)
“NASA Confirms Earth Will Experience 15 Days of Complete Darkness in November” (2)
“First she did this, and then you won’t believe what happened!”

If you visit social media or news sites, or see advertisements online, you will inevitably come across headlines such as those. Whether misinformation (1), lies (2), or a vague title, the goal of such headlines is to ensnare your curiosity and get you to click: it is "clickbait."

In their most benign and harmless form, most websites using such headlines simply want you to visit their page. Each visitor, no matter how long they may stay upon the page, is money in their pocket from the advertising they host. In such cases, the article may provide content that is different than you anticipated, is several years old rather than "trending," or is complete misinformation, leaving you either confused or unsatisfied.

In the best case scenario, you gain a bit of entertainment and lose only time, and perhaps learn something provided that the article was not a lie. Because their goal is to gain money from more clicks, such websites will encourage you to share the article or entertainment quiz, or even provoke you to ‘correct’ them by commenting, thus garnering more visits and attention.

As with any manipulation, however, this clickbait method is employed by people interested in far more than their visitor count. You and your click can offer up access to your accounts, money, computer, and your entire network through phishing or malware installation.

The easiest route to infecting a computer is to get the user to install the malware themselves or share their information voluntarily.

All it takes is a click.

If someone sent you a link that said “This is a virus, download it for me. Also, give me access to your bank account and send me all of your personal information so that I can impersonate you and use your credit card and Social Security Number,” most people would be smart enough not to click it. Instead, malware distributors use tactics including but not limited to:

  • "In order to view this video, you need to install this video player addon."
  • "Download this leaked popular episode and view it before it is released"
  • Pop-ups you must click past to see the content
  • Surveys you must fill out to see the content
  • Redirecting you to yet another website, either automatically or to view the promised content
  • "Give us access to your Facebook information," which often includes more in the text than you realize.
  • "Install this app!"

Heed the Red Flags: 

Be skeptical: is it a title that seems real, or is it merely a fish hook waiting for your bite? When in doubt, you can run a web search on the topic and often find a more trustworthy source of information, if not discover that it is a hoax.

Check the web address: is it a trusted company and address? Is there something wrong about the domain name? Usually, if you hover over the link, you can determine the actual address you will be taken to before you even click on it. What is typed does not always reflect the destination! For example: Google.com. Unfortunately, it takes a bit of a learning curve to be able to distinguish real websites from spoofs.

Do not share information: many scammers sell any survey data you provide, which in turn is used for phishing attacks against you. They may even use this information to create a false account and pose as you to your friends, gaining more information or convincing them to download malware.

Clean up: remove anything suspicious from your social media feeds, and alert your friends and family if there is a risk. Report any suspected scams to the hosting social media platform or website (e.g., Facebook). When in doubt, change any passwords you use, remove any applications you downloaded, and run a full virus scan of your computer.

Disable Scripts

  • That x you just clicked to close a pop-up window?
  • That link you clicked?
  • That advertisement on the side of the page that you did not even look at, let alone click?

They may all be doing something other than what you expected. While the pop-up may vanish or you may reach the content you were seeking, the scripts can also perform additional actions in the background that you may not notice until something goes wrong. This may be as simple as sharing itself on your social media page by disguising a share button as a closing box, or it could be installing malware on your machine the moment you open their webpage.

Because the advertising space can be bought and sold, both websites and advertising companies alike can be tricked into hosting malicious advertisements that then automatically run code when you view the webpage, telling your browser to download malware without you even clicking on anything. Most legitimate websites work hard to limit the risk of malware infections through the advertisements they run, but the risk remains, often in the form of redirects to external websites. Script-blocking addons can prevent them from running in the first place.

Update, update, update!

Some of those hidden scripts will search for and exploit any unpatched vulnerabilities on your machine. Keep your computer and antivirus programs up to date, as well as any programs you use!

This extends to any business network; with social media's prevalence, a user's click can open your entire network to infection if it is not well secured and kept up to date. Tiro Security is available with a variety of solutions to fit small to medium businesses' needs, helping you find the IT Security staff you need to ensure your systems are protected from the numerous pitfalls, scams, and phishing attempts lurking under the guise of advertisements or curious article headlines! Please contact us to find out more about our cost-effective Online Security Awareness training and Phishing Simulation tests.

 
