Q&A What can a link do?

Shadowra

Level 6
Sep 2, 2021
253
2,811
Hello :)

First of all, as you say, there are phishing sites that copy identically the known sites (ISP, bank etc).
There are also other attacks like exploits, drive-by downloads or spam with attachments.

Exploit : A site that exploits security holes in targeted software (browser, Java, Flash, etc.) in order to install malicious software (Ransomware, Worm, Trojan, Botnet, etc.) without your consent.

To protect yourself: Update all your software and a strong antivirus.

Drive-by download : Site that will force you to install malware by exploiting ALL the flaws of the machine ! It is the most violent.

To protect yourself : Same as the exploit.

Spam : You receive an email with an attachment you don't know... Curious, you open it... but the damage is done!
Usually, a Word Macro is hidden in it to download a malware.

To protect yourself: Don't open or reply to any e-mail you don't know! :)
 

StackedGlitch

New Member
Oct 4, 2021
3
14
Hello :)

First of all, as you say, there are phishing sites that copy identically the known sites (ISP, bank etc).
There are also other attacks like exploits, drive-by downloads or spam with attachments.

Exploit : A site that exploits security holes in targeted software (browser, Java, Flash, etc.) in order to install malicious software (Ransomware, Worm, Trojan, Botnet, etc.) without your consent.

To protect yourself: Update all your software and a strong antivirus.

Drive-by download : Site that will force you to install malware by exploiting ALL the flaws of the machine ! It is the most violent.

To protect yourself : Same as the exploit.

Spam : You receive an email with an attachment you don't know... Curious, you open it... but the damage is done!
Usually, a Word Macro is hidden in it to download a malware.

To protect yourself: Don't open or reply to any e-mail you don't know! :)
Thanks for your answer
I asked this actually because a family member of mine accidentally opened a phishing site impersonating carrefour I searched their device for malware but couldn't find any so I wondered if the hackers didn't really need malware and have hacked them in another way
 

SecureKongo

Level 23
Verified
Feb 25, 2017
1,244
8,690
Thanks for your addition. I have already setup an adblocker on my device.
Not sure if you are looking for ways to protect yourself from phishing, scams or malicious sites but if you do here are some browser extensions and other services that might help.

1. Malwarebytes Browser Guard
2. Netcraft (mainly for phishing protection)
3. Bitdefender Traffic Light


If you think that you can manage to set this up and have some money to spare, then I'd recommend trying NextDNS:


There is a basic free plan but if you want to use it for all your family devices then you will need to pay an annual subscription.
Hope it helps! ;)
 

amirr

Level 21
Verified
Jan 26, 2020
1,017
3,623
Not sure if you are looking for ways to protect yourself from phishing, scams or malicious sites but if you do here are some browser extensions and other services that might help.

1. Malwarebytes Browser Guard
2. Netcraft (mainly for phishing protection)
3. Bitdefender Traffic Light


If you think that you can manage to set this up and have some money to spare, then I'd recommend trying NextDNS:


There is a basic free plan but if you want to use it for all your family devices then you will need to pay an annual subscription.
Hope it helps! ;)
What about UBO?
 

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,247
41,418
You should seriously consider using ad blockers, which can filter out a lot of the malvertising noise, thereby stopping dynamic scripts from loading dangerous content. By blocking all advertisements from displaying on websites, you remove any chance of viewing and clicking on an ad that is potentially harmful. Ad blocking also results in additional benefits, from reducing the number of cookies loaded on your machine, to protecting your privacy by preventing tracking, saving bandwidth, loading pages faster, and prolonging battery life on mobile devices.
 

SFox

Level 6
Verified
Jun 11, 2019
277
1,252
Besides malware and phishing
How could a link hack someone in other ways?(if malware and phishing aren't the only ways)
And how to protect from them?
The link itself is not dangerous. Until you click on it :) However, even if you click on such a link, then in this case you may be lucky - your antivirus will respond to the download of a malicious file, or if you get to a phishing site, you will notice that the site fake (spelling errors, incorrect design, wrong site address, unencrypted connection, broken interactive elements, and much more).
Surprisingly, even if your antivirus does not know the malware, you may still be lucky, and there was such a case when a user clicked on a link in an email, after which his default browser, Google Chrome, was launched. But the malicious file was not downloaded, since the attack was aimed only at users of the Mozilla Firefox browser, in which the attackers exploited a zero-day vulnerability :) And users of Google Chrome and browsers on Chromium were safe and could click the link at least 100 times :) They were simply presented with a blank website page, while Mozilla Firefox users were running a script that exploited a zero-day vulnerability, which downloaded and launched the Trojan.
But why would you risk so much? It is better not to click on links in letters from unknown senders.
 

wat0114

Level 4
Verified
Apr 5, 2021
185
1,299
Yes, for advanced users it's worth considering but without medium or high mode you won't gain much extra security.

With all due respect, and because I'm a proponent - even a cheerleader :D - of uBlock Origin, a decent measure of additional security can be achieved by enabling Enhanced Easy mode which can block malicious code on compromised websites, with very little interaction required by the user in most cases. Only on rare occasion will a user need to allow a harmless iframe for a website to function properly. This effectively is a nice trade-off of considerable security gain with only minimal user interaction. This Blocking mode can be a nice option for less advanced users.
 

SecureKongo

Level 23
Verified
Feb 25, 2017
1,244
8,690
With all due respect, and because I'm a proponent - even a cheerleader :D - of uBlock Origin, a decent measure of additional security can be achieved by enabling Enhanced Easy mode which can block malicious code on compromised websites, with very little interaction required by the user in most cases. Only on rare occasion will a user need to allow a harmless iframe for a website to function properly. This effectively is a nice trade-off of considerable security gain with only minimal user interaction. This Blocking mode can be a nice option for less advanced users.
Totally forgot about that mode... Probably I sticked with AdGuard for too long. 😅
Anyway, I agree with you but I just see uBlock Origin as an adblocker that is hard to understand for the average user. The UI can be irritating and whitelisting specific domains can be hard to understand to. I personally would only install uBlock Origin in default settings on my parent's PC for example, as I know that it could cause a lot of trouble on the enhanced mode when I am not around.
 

wat0114

Level 4
Verified
Apr 5, 2021
185
1,299
but I just see uBlock Origin as an adblocker that is hard to understand for the average user. The UI can be irritating and whitelisting specific domains can be hard to understand to. I personally would only install uBlock Origin in default settings on my parent's PC for example, as I know that it could cause a lot of trouble on the enhanced mode when I am not around.
Agreed, most people don't have the time, patience and understanding to use the Advanced mode blocking, especially medium and higher.
 

Kees1958

Level 4
Verified
Sep 5, 2021
179
987
Thanks for your answer
I asked this actually because a family member of mine accidentally opened a phishing site impersonating carrefour I searched their device for malware but couldn't find any so I wondered if the hackers didn't really need malware and have hacked them in another way
When they just clicked and did not buy groceries or enter banking details there is not much to worry about.
 
Top