How to Spot Malicious Content
Last Updated on June 16, 2021 by Travis Kipp
SSL – Certificates
Additionally, when it comes to websites which you use to access your personal data, it’s a good idea to ensure they use a valid SSL certificate. One way to ensure this is by looking for a padlock symbol at the top left corner of your address bar. Another indication is the URL in the address bar. If they use SSL, they start with https:// as opposed to http://. While this ensures the connection between you and the webserver is secure, it does not mean the site nor its content can be trusted. This is why you must check the URL in the address bar to ensure you are on the correct site. Just because it looks like a familiar site, does not mean it’s coming from the original and trusted source.
In some instances, hackers may acquire a domain name that looks exactly the same as the real address or acquire fake SSL certificates. Therefore, ensure that you take the additional step of looking at the presentation and overall layout of the site. Data suggest that most cloned websites do not do a good job of looking as authentic as the original ones. For instance, hackers on a somewhat low budget may have a decent website which consists of grammatical and spelling errors. Therefore, be sure to check the grammar, spelling, layout and presentation of a site before you interact with it.
Sometimes, the underlying message of a website provides you with a more accurate idea of what the owner’s intentions are. For instance, in most cases websites that request that you conduct a survey, download software or provide information in exchange for money or free premium software is a scam.
In some instances, a hacker can take an expensive premium software, modify it, enable users to access it for free, add a malware into it, and provide said compromised software to unsuspecting users. Then, individuals end up downloading said software and end up with an abundance of malware on their computer. Therefore, if a website promises something that sounds too good to be true, that may just be the case.
Email related malware is particularly alarming as a number of scams have been perpetrated via email malware. For instance, during tax season, millions of people receive spam which is sent under the disguise of being the IRS. Some of the most common phishing lures you need to avoid include:
- Invoices from companies you did not use recently.
- Mysterious emails with attachments that come in the form of a scanned document.
- Emails which proclaim that you’ve won any amount of money or promise that you have the chance to win money.
A good rule of thumb with email is if you didn’t expect the email, it’s most likely going to contain malicious content. If you get frequent spam emails, you can create a rule to automatically send them to the spam folder.
Tech Support Scam
Tech support scammers use a wide variety of tactics to steal personal information, the most common of which are: phone calls, pop-up warnings and search listings.
- Phone calls – Tech support scammers may call unsuspecting victims and proclaim that they work on behalf of a popular company. They will say they’ve identified an issue on your computer and ask that you enable remote access to your device, so that they can evaluate and fix said issue. The reality of the fact is that once you do this, they will gain unrestricted access to your device and will be able to siphon data from your computer.
- Pop-Up Warnings – In some instances you may visit a site as to which you receive a popup window which states that you need to get antivirus software or that your computer has a critical issue that needs to be addressed. In both scenarios, calling the ‘toll free’ number will lead to conversations with individuals who only want access to data that’s stored on your computer. Additionally, downloading an antivirus specifically because a popup stated that you needed to, will lead to malware infection on your device.
Spotting malicious content is a useful skill to have. It can prevent you from loosing valuable data such as financial information as well as your valuable time. Keep in mind, if it sounds too good to be true, it most likely is. It’s healthy to be skeptical when you read or see something your computer as well as phone calls. Spelling mistakes and poor grammar are a good indication of malicious emails. With all of this said, malicious actors will continue to change and improve their tactics to ensure you fall for their malicious content. It’s important to stay current with the latest scams so you don’t fall victim.