By Don Jones, Claire Nobles, Andrew Frederick; Comcast Cable
A single click of the mouse can cost you your house. A 2021 news article by network solution provider Barracuda measures “bad bots mak[e]ing up nearly 40% of all traffic” (N/A, 2021). It all starts with a single click. Every day, millions of people are asked to click on a link that could cost them everything they own. Malicious links are presented by email, by phishing websites, by dangerous ads on less than reputable websites, by gaming cheats and cracks, and even SMS (Short Message Service) text messaging.
With the exponential growth of the Internet, the threat of these kinds of attacks is supported by a burgeoning underground economy that has only increased the complexity and frequency of their attacks. Tactics are not limited to offering something for nothing. Recent phishing frauds focus on telling the victim something will happen unless they opt out and will often attempt to appeal to their victims at an emotional level. Malicious botnets have different purposes ranging from identity theft to distributed denial-of-service attacks against critical infrastructure. Victims of identity theft based on botnet infections rarely know how they were compromised, leaving the door open for victims to continuously be recompromised. The end goal of most botnets is monetary gain through identity theft, but the proliferation of botnets also lends itself well to their use as a cyber weapon. The threat vectors vary for users, Internet Service Providers (ISP), retail companies or governments. Though there are legitimate uses of botnets, malicious payloads span a range from questionably legal tactics to blatantly malicious activity. This paper shares ways to identify the initial signs of danger, minimize exposure to these threats and to help bring focus to the recognizable indicators of malicious links.