What you must… NEVER CLICK ONLINE
Webuser|February 05 - 28, 2020
Don’t get caught and scammed by the web’s latest mouse traps. Wayne Williams reveals all the things you should avoid clicking and tapping on the web, and explains how to spot them
Wayne Williams

The way that the worldwide web was conceived and is structured means you won’t get far without clicking on anything (or tapping, if you’re using a touchscreen). Unfortunately, for all the wonderful websites you can access with your mouse (or finger), there are lots of things you should keep your cursor well away from, unless you want to infect your PC with malware, hand over personal data to scammers, flood your inbox with spam or even end up in prison. Sadly, such ‘mouse traps’ are becoming increasingly widespread, and the tricks they use to lure you into compromising your privacy and security grow ever more devious.

In this feature, we highlight the dangers, risks and traps that lurk on the web, hidden behind innocuous-looking links, buttons, tick boxes and more, and explain how to spot them and avoid clicking yourself into trouble. We also explain how ‘dark patterns’ can sneakily influence the actions you take on the web.

SECURITY RISKS

Fake download buttons

Some download sites – and many online file hosts – display adverts that are sneakily designed to look like download buttons. These are usually big, bright and eye catching, and if you’re not paying proper attention, there’s a good chance you’ll click one of them instead of the real download link.

What’s the risk?

Instead of downloading the file you want, you’ll be taken to another site where you may be tricked into downloading malicious software or entering personal details to “unlock access” to your file.

How to avoid them

Take your time to ensure you find the genuine download option – it may be a small, unobtrusive link nestled between large ‘download’ buttons. Also, hover your mouse over the download button or link (but don’t click it) and look at the URL that appears at the bottom of your browser to see where clicking it will take you. If it’s another location on the current site, you can assume that it’s probably the legitimate download button. If it doesn’t look right (perhaps containing a reference to “adservices”), then look elsewhere.

Ad blockers such as uBlock Origin (bit.ly/ublock494) and Ghostery (www .ghostery.com) remove many of these buttons, but that’s not always the case, and some sites require you to disable your ad blocker before they will work.

Shortened links

In the early days of the web, magazines like ours had to print the full address of a web page, which could run to several lines in a column. URL shorteners such as Bitly, Is.gd and TinyURL do a great job of transforming long, unwieldy web addresses into something that’s much easier to type and share.

What’s the risk?

While a shortened URL is much easier to share or type, you often won’t have a clue where it leads until you click it. For example, where does bit.ly/2tYfNbt point to? Or bit.ly/microsoft999 for that matter? It could be to a malicious site.

As an aside, if you’re sharing personal links (perhaps to a private YouTube video that can only be accessed by someone with the URL), shrinking the address makes it much easier for unauthorised people to find. You can test this by typing bitly.com/ into your address bar, followed by a random word or two, and seeing where you end up.

How to avoid them

There are ways to find out where a shortened link leads without actually clicking it. You can view the details on the Bitly site, including the unmasked URL, creation date, number of clicks to date, and referrers and locations, simply by adding a plus symbol to the end of the URL. For example, bit.ly/wu494 takes you to our website, but bit.ly/ wu494+ takes you to the Bitly page about the link. Add a minus symbol to the end of an is.gd link to see where it goes, and add ‘preview’ before the tinyurl.com part of a link created using that service.

Alternatively, you can copy the shortened link to an online tool such as ExpandURL (www.expandurl.net), which will show you the full web address that the link takes you to.

Mysterious attachments

Unless you’re entirely new to email, you should know by now never to click a message attachment unless you know exactly what it is and where it came from. The trouble is that scammers have become very adept at fooling the unwary into clicking what seems like a very important attachment – for example, an invoice for a hotel stay the recipient never booked, a delivery notice supposedly from a courier company or a fine that needs paying immediately.

What’s the risk?

The level of risk depends on what the malicious attachment is designed to do once it’s clicked. It could infect your system with malware, install ransomware or launch an attack on a third-party site. Either way, it’s unlikely to be something harmless, so you should never click the file.

How to avoid it

Malicious email attachments used to be easy to spot because they came in the form of easily identifiable executables (with an ‘.exe’ suffix). Now, however, they can be made to look like documents, PDFs, photos, voicemails and more. The trick is to simply avoid clicking any attachments from unknown senders, and don’t open any from people you know unless you’re sure they are safe. A good antivirus program will protect you from most threats, but it’s wise to delete the email rather than leave the threat sitting in your inbox.

Fake security alerts

Provided your antivirus software is reliable and up to date, it should automatically deal with any threat it finds on your computer and inform you of whatever action it has taken to disarm the problem. Fake security alerts tend to be more demanding and in your face – using pop-ups and containing links to a program (either malicious, paid-for or both) that you ‘must’ download, or displaying a phone number that you supposedly need to call to resolve the issue.

What’s the risk?

If you heed the warning and install the recommended “antivirus” software, you could infect your perfectly clean PC with malware. Call the “helpline” and you may be asked to give the scammer remote access to your PC (see ‘Remoteaccess scams’, below) or be duped into sharing personal information and handing over your credit card details to fix a non-existent problem.

How to avoid them

Continue reading your story on the app

Continue reading your story in the magazine

MORE STORIES FROM WEBUSERView All

What you must… NEVER CLICK ONLINE

Don’t get caught and scammed by the web’s latest mouse traps. Wayne Williams reveals all the things you should avoid clicking and tapping on the web, and explains how to spot them

10+ mins read
Webuser
February 05 - 28, 2020

Realme X2

An affordable Android smartphone with features beyond its price

2 mins read
Webuser
February 05 - 28, 2020

How to... Dual-boot Linux Mint with Windows 10

Dual-booting gives you the ability to use Linux at its best without removing Windows. Wayne Williams shows you how

4 mins read
Webuser
February 05 - 28, 2020

Reverse-search the web using photos

Uncover fake pictures, identify faces and catch photo thieves with a reverse image search. Jane Hoskyn reveals the best ways to search the web without words

4 mins read
Webuser
February 05 - 28, 2020

Charge of the fight brigade

Barry Collins is tired of waking up to rows over unplugged devices

2 mins read
Webuser
February 05 - 28, 2020

STOP USING SOFTWARE

Why download hefty programs when you can run everything in your browser instead? Wayne Williams reveals the best free online alternatives to desktop software

10+ mins read
Webuser
January 22 - February 04, 2020

Restore missing KEYBOARD tools

Does your keyboard lack useful options that make typing quicker and easier? Nik Rawlinson explains how to access your keyboard’s missing features and reveal its hidden functions for free

4 mins read
Webuser
January 22 - February 04, 2020

How to... Create your own retro gaming arcade for free

Wayne Williams shows you how to play a huge collection of classic games while staying on the right side of the law

4 mins read
Webuser
January 22 - February 04, 2020

Best download managers

Whether you need to download a large individual file or multiple items, or you want to schedule a download for later, a dedicated download manager can make things easier. Steve Clark compares six of the best free tools

4 mins read
Webuser
January 22 - February 04, 2020

Beat online obstructions

Don’t let annoying popups and widgets block your access to websites. Robert Irvine reveals the best workarounds for common web hindrances and distractions

4 mins read
Webuser
January 22 - February 04, 2020
RELATED STORIES

USERS COULD SOON HIDE ‘LIKE' COUNTS ON INSTAGRAM, FACEBOOK

The tiny red hearts that appear under Instagram photos of kids, kittens and sandwiches can be a source of stress for many users, an insidious way of measuring self-worth and popularity.

1 min read
Techlife News
Techlife News #494

FACEBOOK USERS CAN APPEAL HARMFUL CONTENT TO OVERSIGHT BOARD

Facebook’s quasi-independent Oversight Board said this week that it will start letting users file appeals over posts, photos, and videos that they think the company shouldn’t have allowed to stay on its platforms.

1 min read
AppleMagazine
AppleMagazine #494

MICROSOFT BUYING SPEECH RECOGNITION FIRM NUANCE IN $16B DEAL

Microsoft, on an accelerated growth push, is buying speech recognition company Nuance in a deal worth about $16 billion.

3 mins read
AppleMagazine
AppleMagazine #494

FACEBOOK DELIVERS BIASED JOB ADS, SKEWED BY GENDER

Facebook is showing different job ads to women and men in a way that might run afoul of anti-discrimination laws, according to a new study.

4 mins read
AppleMagazine
AppleMagazine #494

Microsoft Surface Pro 7+ : A giant leap in graphics performance

It’s the most potent upgrade the Surface Pro line has offered in years.

10+ mins read
PCWorld
April 2021

DEADLY WUHAN COVER-UP!

U.S. health officials untangling how virus escaped secret bio lab

4 mins read
National Enquirer
April 19, 2021

7 Home Businesses You Can Launch in 2021

If you're considering starting your own business in 2021, you're in good company. Many people are looking to pivot and try something new in light of the recent economic climate.

6 mins read
Home Business Magazine
Spring 2021

FACEBOOK DATA ON MORE THAN 500M ACCOUNTS FOUND ONLINE

Details from more than 500 million Facebook users have been found available on a website for hackers.

1 min read
AppleMagazine
April 09, 2021

Your Facebook Friend Has Some Thoughts To Share About Your Covid Vaccine

Mark Zuckerberg wanted to make Facebook a source of reliable information about the pandemic. Instead he created a perfect platform for conspiracy theorists

10+ mins read
Bloomberg Businessweek
April 12, 2021

WINDOWS 10 ON M1 MACS: WHAT YOU CAN DO (VIRTUALIZATION, SORTA) AND CAN'T (BOOT CAMP)

VIRTUALIZATION IS KEY, BUT THE LACK OF A CONSUMER VERSION OF MICROSOFT’S M1 -COMPATIBLE OS KEEPS THE SITUATION IN DOUBT.

9 mins read
Macworld
April 2021