In The News‎ > ‎

What Happens When You Click a Malicious Link

posted Oct 23, 2014, 11:42 AM by Craig Cox   [ updated Oct 23, 2014, 11:42 AM ]
You hear it all the time (especially from me):  Don't click on suspicious links!  So, what happens if you do click on a bad link?  Well, it could be one of several things.

You could be directed to a commercial site.  This would mean that an advertiser agreed to pay some small amount of money for a page referral, believing that their advertiser would put ads up on legitimate websites.  When an interested potential customer clicked the ad, the web site paid two or three cents.  Instead, the advertiser blasted spam emails out.  If you clicked, then the web site paid money to the advertiser not for an interested customer, but for a ticked-off spam victim.  This is a form of "click fraud."

You could be directed to a web form, asking for your login credentials, your bank info, or your social security number.  This is an information-harvesting scam.  Whatever was collected will be used to take your money, use your account, or use your identity to open credit card accounts.

The third thing that might happen is the link itself might trigger some kind of compromise on your computer.  It might be browser hijacking.  It might be a root kit, which gives the attacker the ability to use your computer remotely.  It might be a program to encrypt your files, in order to make you pay ransom to get them back.  In case of an attempt to directly compromise your computer, here are some things to have ready before the attack comes:
  • Keep your patches and antivirus software up to date.
  • Keep good backups, and freshen them often.  If bad guys do manage encrypt your files, this makes it easier to tell them to go jump in the lake for their ransom money.
  • Keep your eyes open.  Be skeptical of unannounced links, and check with the sender before clicking.  If their email was compromised (or the return address forged), even your most trusted friend's name could be on a bad link.