Cyberweapons evolve just like real weapons. Tireless warriors of the virtual world, hackers never stop their activity. The summer of 2017 brought new concerns for users: virtual criminals got their hands on the Shadow Brokers exploit kit, resulting in a significant increase in cybercriminal activity.
The exploits take advantage of vulnerabilities in popular software, including the Windows 10 suite, which is installed on at least 500 million computers worldwide, and various Google Chrome extensions.
All internet users sooner or later encounter cyberthreats, even if they simply check their email once a week. This goes without saying for regular internet users—we do more and more things online these days: chat, call, book, entertain, shop, pay, and, of course, work. With all this activity, the likelihood of becoming a target for hacker attacks is quite high.
Most of us know how to protect ourselves and use regularly updated, licensed antivirus software, but even this can't protect against all possible threats. It's best to know your enemy, as it often starts with an innocuous message in your inbox. Here are five windows that should raise your suspicions.
1. “You win!”
A dangerous message usually appears as a pop-up window and contains information about winning a huge sum of money, a car, an expensive gadget, or other unrealistic prizes. If you actually received a bonus from an organization, it will be something quite modest (500 rubles, a discount, a coupon for a free procedure). The information will arrive in your inbox as a regular email without the flashy animation.
How to respond : Do not click “yes” or “no,” and do not attempt to close the window. Any action will result in redirection to a third-party resource, which may be infected with malware or spyware. It's best to close your browser. If you did participate in a prank, call the organization and confirm.
2. “Enter your phone number”
Typically, you're asked to enter a phone number, supposedly to confirm you're not a bot. In reality, this isn't necessary at all. A captcha (text and character recognition) is typically used to distinguish a real user from a program. In this case, you're most likely dealing with scammers who are collecting numbers in databases to resell to unscrupulous advertisers for SMS spam.
Of course, some resources require your phone number for legitimate security reasons—for example, banking services require your contact information to send you one-time passwords; social media networks link accounts to mobile numbers for more detailed user identification and quick access recovery in the event of a hack. Prove you're not a bot, give me your phone number!
How to respond : Only enter your phone number on major, well-known resources where it's actually needed—social media, online banking, and online stores. If the site is obscure or purely for entertainment purposes, it's best to avoid it.
Spammers often resort to tricks: for example, they try to force you to take a lengthy test or promise to create a personal horoscope. To get the results, you need to provide your phone number. Don't do this—you'll be inundated with spam.
3. “Your page has been hacked, you need to change your password.”
Approximately 60-70% of incoming email is spam, and a significant portion of this spam contains hidden phishing attacks. One of the most common methods is a request to change a password on a social network or payment system.
Such a message can alert even the most naive user, and recently, scammers have become more sophisticated: instead of a password, they ask for, for example, a birthday, supposedly to participate in a giveaway or receive bonuses. The account holder clicks a link to a website that looks exactly like the original, but the address likely contains an error. There, the user enters their password and username, which are then successfully used by the scammers for their own purposes.
How to respond : Do not click links when receiving such messages. Close your browser with all tabs, launch your antivirus, then open a new window and log in to your account from the main page. In the future, use two-factor authentication (not just a password/login pair, but also a one-time SMS code, for example). Remember to use complex passwords, and it's best to store them in dedicated password managers, such as LastPass and KeePass Password Safe, which store information encrypted.
4. “Hi! I'm writing from someone else's account…”
A letter from a supposed friend or relative asking for help (financially, of course). The person is supposedly in a difficult situation, and every minute counts. Only a money transfer from you can save them.
How to respond : Asking clarifying questions is pointless. The scammer has likely already studied your account, photos, and comments, and won't be flustered if you ask, “What school did you and I go to?”, “What's my mother's name?”, etc. It's best to avoid asking tricky questions and call the person on their cell phone immediately. Even if the message says, “Don't call me, it's dangerous. They're watching.” The safest course of action is to mark the message as “phishing” and not respond to it at all.
5. “Watch the video?”
Intrusive messages offering videos to the user are usually dangerous. They lead to pages infected with viruses. Spyware can steal your passwords to your personal accounts and e-wallets. You can even become infected on large hosting sites like YouTube.
The latter is linked to a high-profile case involving the infection of hundreds of thousands of computers. Hackers posted an advertisement for a well-known brand on a website, forcing users to click through to a page containing malicious code. Such incidents have long been common in the Western internet, and the phenomenon has even been given the name “malvertising,” a portmanteau of the words “malware” and “advertising.”
How to respond : Most users, upon receiving such a message, will do the only reasonable thing—try to close the window by clicking the icon in the upper right corner. The problem is that in this case, the user's choice is irrelevant. No matter where you click, the result will be the same—a forced link to a dangerous website. Therefore, it's best to close your browser and run an antivirus program, or even better, take steps to protect yourself in advance and use an extension like Adblock Plus, which blocks unwanted ads and prevents dangerous connections.
Malicious messages can often be identified using simple logic; you don't need to be a content analysis expert to do so. However, even advanced users aren't always successful. The messages are designed to evoke strong emotions—joy (and a little greed), anxiety, curiosity, and so on.
Cybercriminals are skilled psychologists and play on emotions, relying on the speed of decision-making. Therefore, it is important for users to be aware of typical fraudulent schemes and, at the same time, remember basic information security rules: using an antivirus, ad blocker, and password manager.
