Every day, users of platforms like Twitter and Facebook receive messages that contain malicious links and malware that can sacrifice your privacy and also spread malware via networks and computers.
My experience as a security advisor makes me even more careful with many of these malicious messages sent via a public or private channel.
They usually use three factors to identify whether a message is malicious or not:
Language of Message
Only a small part of my contacts send me messages in both English and Spanish. When I receive a message in English of a person who usually communicates with me Spanish it automatically raises my suspicion. So I normally analyze and review the message with more detail. If I have another way of communicating what that person, I try to communicate via another channel to verify if that person did intend to send me a link or message.
Unusual message with a shortened link
In many cases, people who send malicious links use url shorteners to mask them. If you find a message that is completely off topic be extra careful when clicking the link. The best way to see if the link is safe is to visit one of many tools available to validate if a link is malicious or not.
- AVG Threat Labs
- @lennyzeltser’s list to Verify Url’s
A message that spikes your Curiosity
Most messages that have a malicious link, are those that offer unique information that triggers curiosity. These are the most dangerous because they use phrases which make shut down your thought process very easily and you feel like just clicking on the link. Examples of phrase I’ve seen are:
“I found this article which speaks negatively of you and your company”
“I found these embarrassing pictures of you here”
“I want you to share these private images”
There are multiple ways to identify when you receive a message that could be malicious. But most importantly, tell your contact what happened, as soon as you notice unusual activity.
If in case you see that the user is unknown or looks like a spammer please contact the security team of the platform/
Similar to how you go should be alert, in the virtual world you need to be as alert to identify any threats and not let them expose any of your vulnerabilities.
Any other advice on how you can further detect these situations and what to do?
Very good article. Thanks for discussing this topic. Now I know what to look out for. Best regards!