The Furry Forums
TFF Central => Announcements => Topic started by: Vosur Aekira on September 11, 2017, 02:34:44 PM
-
As of late, ransomware (malicious software that forces the victim to pay up or lose everything on the computer by encrypting everything) has become rampant and the best way to defend against it is to be wary of it. DeviantArt has been hit with 'bot' accounts that have started developing tactics to lure unsuspecting users to go to sites riddled with a rather-powerful ransomware called Cerber and account-jacking software as well. From there, this will force the target to pay up and will continue to spread by using the account you used along with any emails they can find tied to that account to further widen the area of effect.
Question: "If this is happening on DeviantArt, why are you bringing this up here?"
Answer: Because of the nature of these bots, it is possible we may see something like this. I would rather our forums remain knowledgeable and safe than without this knowledge and be put at-risk.
Question: "Point taken, but what can be done to stop this from happening?"
Answer: While we as the staff can take care of the accounts that may start up acting like these ransomware bots, we may not catch all of them. If you find any, do not respond to them... instead report them if they are posting suspicious links or report their profile if their profile contains nothing but these suspicious links. To report a post, look for a button that looks like this: (http://i.imgur.com/5uSF8TB.png) on the post. To report a profile, go to the user's profile and then choose from the Actions menu the "Report Profile" to submit a profile report (image below to clarify). This will notify the staff that something is wrong.
(http://i.imgur.com/uNCluqt.png)
Question: "How will I know if such a user is present or how can I tell this type of user from maybe a valid member?"
Answer: That is probably one of the more important questions to be asked. The main-tactic they will try to do is spam a link, either by repeatedly posting it or posting it to be hidden within their post (as hyperlinked text), or even just saying "come see my profile!" and having the link strewn-about in various places within the profile. All it takes is one curious-click to it for damage to possibly be done.
Question: "Are you telling me that all links repeatedly-posted are bad?"
Answer: Not at all. However, I will show you a few ways you can see some bad links. Do not click these as these are example methods of how users might drop links.
First up, the Direct method: www.example.com Simple, no alterations in BBC, quick-and-easy to get out there. This is the way most users would drop a link to be seen.
Second, Hidden Link method (text and link) : Example Text (http://www.example.com)
www.anothersite.com (http://www.example.com)
[url=www.example.com]Example Text[/url] [url=www.example.com]www.anothersite.com[/url] This one is harder to tell what's exactly in it because they hide the link within the text for the first one and the link is hidden within another link in the second one to intentionally take you to a site that you did not expect.
Third, Hidden Link method (images): (http://i.imgur.com/BpKopko.png) (http://www.example.com)
[url=www.example.com][img]http://i.imgur.com/BpKopko.png[/img][/url]In this version, it's harder to pull off since it requires more forethought of the the code we use, which is BBCode, and how it behaves to prevent breaking the link or breaking the image. It's harder to even tell that this is even a link unless you put your cursor over it (which in some cases, it may be "underlined").
In all three link-cases, you should be able to put your mouse over the link and even get a small notification of where the link goes (depending on your browser/OS). If you are not familiar with the link, don't click it! While some blatantly-malicious links are well-known, there are quite a number out there that aren't.
Question: "I've clicked a bad link! HELP!"
Answer: Calm-down, run an anti-virus/anti-malware scan, and change the password of your account on here (make sure it is secure! No less than 8 characters, no less than one upper-case, no less than one lower-case, no less than one number, and no less than one symbol! I use 16 and no less than two of each personally) and on the email you have connected to the forums. Do not wait to do so, but do not let it worry you.
Question: "You mentioned that we should be wary of links, but you used 'example.com'... is it safe?"
Answer: The link 'example.com' is safe, but if you do not believe me, mouse-over it and verify for yourself that it does indeed go to example.com. If needed, copy-and-paste that link (right-click, copy-link address) then paste it into a URL scanner. Example.com is a reserved site and domain for educational purposes.
Question: "Okay, I've found a link, but how do I tell where it goes?"
Answer: Mousing-over a link or an image (if it is linked) will often show a "This link will take you to this location" Here is another example that might help out in how to see the link, which is just by mousing-over (no click involved) the said-link. Where it will be depends on your browser, Chrome usually does it in the bottom-left of the screen while some will do it next to the mouse-icon (as shown here as an example, do not follow the links they use though).
(http://my.kweliteokc.com/uploads/1/3/3/6/13361572/5344518_orig.png)
Also of mention by A briskly little challenger, some browsers may not do the mouse-over view (as I have found out that is a Java function if it is installed), but also provided by A briskly little challenger, there is the Inspect Element method. Right-click on the link/image and choose Inspect or (Inspect Element depending on what browser you are using). This will bring up a small window within your browser that will look something like this (used the anothersite as the example here). When you do this the link's text and direction url should be selected as what you are inspecting.
(https://i.imgur.com/gaaqErc.png)
If you have any further questions pertaining to this, please do drop a PM to me and I may add the question to the FAQ's if it is relevant along with an answer for it.
Edit1: Update to include both the mouse-hover and the Inspect (Inspect Element) methods.
-
So on that note should i start posting images instead of making them look like
Valid link ? (http://google.com)
^-- Goes to google.
I use such links in roleplay to help visualize things I write about.
Example.
I drew My Sword (https://i.imgur.com/KEWlOyl.jpg). <--- Image of a sword.
-
Allright, time for a massive tsunami of reports it seems.
I
-
Alessia Starfurr:
You don't need to change how you write, no worries! This is about people being careful to not link -but moreso especially to not click- any links that you're unsure about, and that they can be hidden in different ways (like indeed hiding it in text or hiding it in an image).
Just hover over the text or image to verify if it's a 'good' link or not. If you're unsure, as Vosur said, feel free to PM if you have any questions.
You may also PM me and I'm sure others of staff as well, so please do so if you are unsure about anything!
So once again, no, you don't need to change your writing style, no worries! ^^
Bricket:
As Vosur stated there are ways to check to see if it's about a 'good' or 'bad' site. If you do see a 'bad' site, don't click on it and mention it to the staff. So that should already prevent a huge amount of reports already.
And if you have any questions, to send a PM!
-
I'll second the mention that Ventus brought up: It's not about changing your style about how you post things, it's about being careful not to click on something that could be potentially-dangerous. Why I made this post was actually to bring awareness that there are "ransom-ware bots" out there that will not only hijack your computer, but can potentially hijack your account on here (sometimes going a step further and hijacking your email-address as well).
-
wow, I'll be careful, didn't know that was possible
especially that I have an art thread as well, all my arts posted on Deviant Art
I only put the image and no links at all
Sounds terrifying Vosur
-
You don't have much to fear as long as you are careful. Mousing-over a link or an image (if it is linked) will often show a "This link will take you to this location" Here is another example that might help out in how to see the link, which is just by mousing-over (no click involved) the said-link. Where it will be depends on your browser, Chrome usually does it in the bottom-left of the screen while some will do it next to the mouse-icon (as shown here as an example, do not follow the links they use though).
(http://my.kweliteokc.com/uploads/1/3/3/6/13361572/5344518_orig.png)
-
got it thanks, I see what you mean, just missread the post :3
-
firefox shows it in the lower left corner.
-
Maybe you could mention that if the link doesn't show, when you hover your cursor over it, you can simply right click it, and pres "Inspect elements" or copy link aderess, and paste it somewhere, soo you can see where it goes?
-
Maybe you could mention that if the link doesn't show, when you hover your cursor over it, you can simply right click it, and pres "Inspect elements" or copy link aderess, and paste it somewhere, soo you can see where it goes?
I don't know how many people here understand HTML though.
-
Maybe you could mention that if the link doesn't show, when you hover your cursor over it, you can simply right click it, and pres "Inspect elements" or copy link aderess, and paste it somewhere, soo you can see where it goes?
While that is good to note, the way I mentioned (mouse-hovering) also works on just about every non-mobile browser type and is probably the faster method for seeing where it goes. Also, if you're using a mobile-browser, it is too easy to tap a link and so far I have not seen a safe way to inspect links through that without risking on clicking any hyperlinked items (text or otherwise).
The biggest piece of advice still rings true for mobile and regular browswers: If you don't trust who is giving the link, don't click on it.
-
Maybe you could mention that if the link doesn't show, when you hover your cursor over it, you can simply right click it, and pres "Inspect elements" or copy link aderess, and paste it somewhere, soo you can see where it goes?
While that is good to note, the way I mentioned (mouse-hovering) also works on just about every non-mobile browser type and is probably the faster method for seeing where it goes. Also, if you're using a mobile-browser, it is too easy to tap a link and so far I have not seen a safe way to inspect links through that without risking on clicking any hyperlinked items (text or otherwise).
The biggest piece of advice still rings true for mobile and regular browswers: If you don't trust who is giving the link, don't click on it.
as i said though that shows the code and i'm not sure how many people here know HTML even though it's a pretty simple language.
-
I think it's not that hard (https://www.rheinmetall-defence.com/en/rheinmetall_defence/index.php), actually...
When you press "Expect elements" and hover the mouse over the link, it should just show you the aderess straight away.
And, I'm not shure if it's more common, but if I hover my mouse over any link, nothing will happen. I really have to employ some "beyond user interface" stuff to see where a link goes, and maybe it might be handy if I just made a little screenshot explaining how simple that is, to anyone else who doesn't get anything from mouse hover?
(https://img00.deviantart.net/71eb/i/2017/256/0/9/a666_by_happycomrie-dbn9oo4.jpg)
-
Went on ahead and added another question pertaining to how to view where the link goes and both methods (mouse-hover and Inspect/Inspect Element) to see them.