Advice Request What can a link do?

Please provide comments and solutions that are helpful to the author of this topic.

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,243
Hello :)

First of all, as you say, there are phishing sites that copy identically the known sites (ISP, bank etc).
There are also other attacks like exploits, drive-by downloads or spam with attachments.

Exploit : A site that exploits security holes in targeted software (browser, Java, Flash, etc.) in order to install malicious software (Ransomware, Worm, Trojan, Botnet, etc.) without your consent.

To protect yourself: Update all your software and a strong antivirus.

Drive-by download : Site that will force you to install malware by exploiting ALL the flaws of the machine ! It is the most violent.

To protect yourself : Same as the exploit.

Spam : You receive an email with an attachment you don't know... Curious, you open it... but the damage is done!
Usually, a Word Macro is hidden in it to download a malware.

To protect yourself: Don't open or reply to any e-mail you don't know! :)
 
Upvote 0

StackedGlitch

New Member
Thread author
Oct 4, 2021
3
Hello :)

First of all, as you say, there are phishing sites that copy identically the known sites (ISP, bank etc).
There are also other attacks like exploits, drive-by downloads or spam with attachments.

Exploit : A site that exploits security holes in targeted software (browser, Java, Flash, etc.) in order to install malicious software (Ransomware, Worm, Trojan, Botnet, etc.) without your consent.

To protect yourself: Update all your software and a strong antivirus.

Drive-by download : Site that will force you to install malware by exploiting ALL the flaws of the machine ! It is the most violent.

To protect yourself : Same as the exploit.

Spam : You receive an email with an attachment you don't know... Curious, you open it... but the damage is done!
Usually, a Word Macro is hidden in it to download a malware.

To protect yourself: Don't open or reply to any e-mail you don't know! :)
Thanks for your answer
I asked this actually because a family member of mine accidentally opened a phishing site impersonating carrefour I searched their device for malware but couldn't find any so I wondered if the hackers didn't really need malware and have hacked them in another way
 
Upvote 0

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,478
Thanks for your addition. I have already setup an adblocker on my device.
Not sure if you are looking for ways to protect yourself from phishing, scams or malicious sites but if you do here are some browser extensions and other services that might help.

1. Malwarebytes Browser Guard
2. Netcraft (mainly for phishing protection)
3. Bitdefender Traffic Light


If you think that you can manage to set this up and have some money to spare, then I'd recommend trying NextDNS:


There is a basic free plan but if you want to use it for all your family devices then you will need to pay an annual subscription.
Hope it helps! ;)
 
Upvote 0

amirr

Level 27
Verified
Top Poster
Well-known
Jan 26, 2020
1,628
Not sure if you are looking for ways to protect yourself from phishing, scams or malicious sites but if you do here are some browser extensions and other services that might help.

1. Malwarebytes Browser Guard
2. Netcraft (mainly for phishing protection)
3. Bitdefender Traffic Light


If you think that you can manage to set this up and have some money to spare, then I'd recommend trying NextDNS:


There is a basic free plan but if you want to use it for all your family devices then you will need to pay an annual subscription.
Hope it helps! ;)
What about UBO?
 
Upvote 0

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,478
What about UBO?
Yes, for advanced users it's worth considering but without medium or high mode you won't gain much extra security. And for most users dealing with the blocking of 3rd-party-scripts etc. will be hard to understand and can be too restrictive while doing their general browsing.
 
  • Like
Reactions: oldschool and Nevi
Upvote 0

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
You should seriously consider using ad blockers, which can filter out a lot of the malvertising noise, thereby stopping dynamic scripts from loading dangerous content. By blocking all advertisements from displaying on websites, you remove any chance of viewing and clicking on an ad that is potentially harmful. Ad blocking also results in additional benefits, from reducing the number of cookies loaded on your machine, to protecting your privacy by preventing tracking, saving bandwidth, loading pages faster, and prolonging battery life on mobile devices.
 
Upvote 0

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
404
Besides malware and phishing
How could a link hack someone in other ways?(if malware and phishing aren't the only ways)
And how to protect from them?
The link itself is not dangerous. Until you click on it :) However, even if you click on such a link, then in this case you may be lucky - your antivirus will respond to the download of a malicious file, or if you get to a phishing site, you will notice that the site fake (spelling errors, incorrect design, wrong site address, unencrypted connection, broken interactive elements, and much more).
Surprisingly, even if your antivirus does not know the malware, you may still be lucky, and there was such a case when a user clicked on a link in an email, after which his default browser, Google Chrome, was launched. But the malicious file was not downloaded, since the attack was aimed only at users of the Mozilla Firefox browser, in which the attackers exploited a zero-day vulnerability :) And users of Google Chrome and browsers on Chromium were safe and could click the link at least 100 times :) They were simply presented with a blank website page, while Mozilla Firefox users were running a script that exploited a zero-day vulnerability, which downloaded and launched the Trojan.
But why would you risk so much? It is better not to click on links in letters from unknown senders.
 
Upvote 0

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
547
Yes, for advanced users it's worth considering but without medium or high mode you won't gain much extra security.

With all due respect, and because I'm a proponent - even a cheerleader :D - of uBlock Origin, a decent measure of additional security can be achieved by enabling Enhanced Easy mode which can block malicious code on compromised websites, with very little interaction required by the user in most cases. Only on rare occasion will a user need to allow a harmless iframe for a website to function properly. This effectively is a nice trade-off of considerable security gain with only minimal user interaction. This Blocking mode can be a nice option for less advanced users.
 
Upvote 0

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,478
With all due respect, and because I'm a proponent - even a cheerleader :D - of uBlock Origin, a decent measure of additional security can be achieved by enabling Enhanced Easy mode which can block malicious code on compromised websites, with very little interaction required by the user in most cases. Only on rare occasion will a user need to allow a harmless iframe for a website to function properly. This effectively is a nice trade-off of considerable security gain with only minimal user interaction. This Blocking mode can be a nice option for less advanced users.
Totally forgot about that mode... Probably I sticked with AdGuard for too long. 😅
Anyway, I agree with you but I just see uBlock Origin as an adblocker that is hard to understand for the average user. The UI can be irritating and whitelisting specific domains can be hard to understand to. I personally would only install uBlock Origin in default settings on my parent's PC for example, as I know that it could cause a lot of trouble on the enhanced mode when I am not around.
 
Upvote 0

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
547
but I just see uBlock Origin as an adblocker that is hard to understand for the average user. The UI can be irritating and whitelisting specific domains can be hard to understand to. I personally would only install uBlock Origin in default settings on my parent's PC for example, as I know that it could cause a lot of trouble on the enhanced mode when I am not around.
Agreed, most people don't have the time, patience and understanding to use the Advanced mode blocking, especially medium and higher.
 
Upvote 0
F

ForgottenSeer 92963

Thanks for your answer
I asked this actually because a family member of mine accidentally opened a phishing site impersonating carrefour I searched their device for malware but couldn't find any so I wondered if the hackers didn't really need malware and have hacked them in another way
When they just clicked and did not buy groceries or enter banking details there is not much to worry about.
 
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top