10 Scary Tricks Cybercriminals Use to Lure Unsuspecting Users
Whether you’re commemorating the Day of the Dead or spooking up your house with ghoulish ornaments for trick-or-treaters, Halloween will always be one of the most celebrated holidays for family and friends who enjoy scary movies and festive costumes. Cybercriminals like scaring their victims as well—or at least in ways that will make unwitting users click on a malicious link or visit a bad site.
This Halloween, we’ve rounded up ten of the scariest tactics cybercriminals use to trick users into clicking on malicious links, open suspicious attachments, install fake software, and more.
- Losing access to files – ransomware essentially locks the user’s computer or device unless they pay up. The scary part about falling victim to ransomware is that you're not only prevented from accessing your own files; it also steals your credentials and information that could lead to more ransom attempts.
- Banking-related schemes – banking scam tactics include calls or emails to inform users about banking-related updates or notifications like card suspension and suspicious transactions. The scare tactic then leads to fake banking pages that are designed to steal information. In some cases, users get a call from a fake customer service representative who try to fish banking details from the victim.
- Heartbleed panic – ever since the news of Heartbleed broke, cybercriminals were quick to capitalize on spam emails to get users to click on the seemingly important warning. Because Heartbleed was indeed a serious security issue, attackers used the threat to convince users to click on more news.
- Distressed tourist –sounding almost straight from a campfire story, this type of lure tricks users into giving money to a so-called tourist that needs financial aid to get home. Not only does this tactic fool users into shelling out money, but the attacker could get into the user’s email account and steal sensitive information.
- “Breaking news” videos/articles – catchy headlines that tackle hot global news and current events will always be viable bait for cybercriminals to use against unknowing users. This social engineering technique can easily trick users to click the malicious link and even share it with their friends on social media.
- Government notices and summons – similar to “breaking news” scams, attackers like to use fake notices from the government to alarm users and trick them into opening a malicious email.
- Facebook chat termination – this spammed notification asks users to verify their account or else their chat account will be terminated. When the user follows the attacker’s instructions, the attacker will end up with access to the user’s account.
- Outdated software – because we all want to be constantly connected, the availability of Internet access is an important factor especially when we’re on vacation. Attackers use the “outdated software” notice to trick users into clicking a malicious button which results in a malicious file.
- Copyright infringement and other fake violations – this scare tactic involves a notification, supposedly from a branch of government such as the FBI, that informs the user that their device has been locked for using fake software or violating copyright infringement laws. The notification then displays a payment process to unlock the device.
- Ebola virus scare – as usual, cybercriminals play on the fear of users by using news items—such as the Ebola virus—as bait for phishing scams. The tactic then involves a link that supposedly goes to a guide on safety measures, but is actually a lure for users to click on malicious links, visit malicious sites, or download malware.
It’s not easy to avoid online tricksters. Even if you think you’ve dodged the latest scam, there will always be new Internet vampires attempting to suck out your data, invade your privacy, and harm your security. Before you fall victim to these nefarious schemes, bolt your systems and devices with security software that can guard you against scams and other online threats. Stay safe, and Happy Halloween!
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale