A link (short for hyperlink) is an HTML object that allows you to jump to a new location when you click or tap it. Links are found on almost every web-page and provide a simple means of navigating between pages on the web. Links can be attached to text, images, or other HTML elements.
- In phishing e-mails, everything seeks to persuade readers to click a link that can ultimately steal their accounts, passwords, credit card details, and more. Users will be enticed by deals to good to be true, advised that accounts are about to be canceled, threatened with bogus legal action or other dire consequences, all simply to get them to click the link in the message.
- On social media (Facebook, Twitter, MySpace, and so forth) use of URL shortening tools supposed conserve characters, but really hide malicious links from users. Users will be presented with interesting or enticing information along with innocuous looking links, to get them to click and open their devices or PCs up to attack.
- SQL injection attacks on legitimate Web sites replace valid links with malicious ones, so that users get “carried away” to malware sites without their knowledge, and click malicious links with no awareness of the dangers involved. In the background, attacks are often already underway.
What’s the common thread in all of these above scenarios? Clicking a link that leads to something unwanted and very often powerfully malicious enough to harvest user input on targeted devices or machines using keyloggers, and to export keyboard input from keyloggers to third parties using Trojan backdoors that send this data across the Internet to shady designated recipients.
How can users avoid these snares ? Simple! By refusing to click links with unknown destinations, or where the consequences of clicking those links aren’t completely clear. Hence our guiding principle “Think before you click!” Follow that simple rule, and potential sources of trouble and loss will be slashed.