Statistics, children and scammers
Tuesday, October 4, 2016
Curiosity in children is a very good trait, but in many situations common sense should prevail. This is especially true when it comes to links on the Internet—billions of them exist and resisting the temptation to click on them can be difficult. But these links are exactly what criminals are using to seduce users into visiting bogus sites with the expectation of seeing something interesting.
An experiment conducted by Dr. Zinaida Benenson, Department Chair of Friedrig-Alexander University’s (FAU) Computer Science Department, involved fake messages being sent under false names to about 1,700 FAU students, either via email or Facebook.
The email and Facebook messages contained a link. The message text claimed that the link would take them to a page containing photos of them that were taken the previous weekend.
In the first study, the researchers addressed students using their real names. In the second study, they didn't address the students by name, but gave more specific information about the place where the photos were taken: a New Year’s Eve party the week before.
- In the first study, when the real names of the targets were used, 56% of the email recipients and 38% of the Facebook message recipients clicked on the links.
- In the next study, where the names of the recipients were not used, 20% of the email recipients, and 42% of the Facebook users clicked on the links.
Later, 78% of the participants claimed that they knew about the dangers that links from unknown senders may present! When asked why they clicked on the link, most said that they did it out of curiosity.
This once again proves that even when people are aware of risks, they disregard them. Other statistics related to the experiment are somewhat scarier.
Only 20% of the participants in the first study and 16% of the targets in the next study admitted to clicking on the link. However, 45% and 25% of the targets, respectively, actually did click on it.
So, if your children or friends claim that they didn't do anything of this kind, just remember the above figures.
Well, what bad could happen if I just click on a link to take a quick look? I'm not going to click on anything else. I'll just look.
If a user clicks on a link with the target attribute target='_blank', a new tab will open in their browser. However, a vulnerability (the window.opener object) briefly gives the linked page access to the source page so that it can change the previous page.
For example, if a user opens such a link while on Facebook, criminals can replace the Facebook page with a fake one that will prompt the user to enter their login and password in order to sign in once again. This is how attackers get hold of user Facebook account credentials.
The vulnerability target="_blank" was discovered two years ago; however, it persists on many popular sites.
How often do new tabs pop up when you click on links?
The Anti-virus Times recommends
- No matter how much you tell them about the dangers of the outside world, curious kids will always be doing things that keep security experts busy.
If the children in your life insist that they’ve never been involved in any of the above, check the Dr.Web anti-virus statistics. To open the statistics window, click on the icon in the system tray and click on the icon (after having clicked on the padlock icon to make the gear icon accessible).
- No matter what security advice we attempt to drill into children, the elderly, and other family members, link-clicking is always going to be a problem. Use the Parental Control to prevent them from being exposed to bogus resources. Over 50,000 hazardous sites are added to its blacklists on a weekly basis.
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
Comments
vasvet
07:14:19 2018-07-21