Everyday we encounter a plethora of links coming from incoming emails, instant messenger clients, SMS messages on our phones, and those on websites and apps we visit. Due to the enormous amount of links we are exposed to on a daily basis, the chances of us clicking on adversely represented links is very high. The term “MALware” comes from a combination of the terms, “malicious” and “software”. While different from a virus, MALware cannot corrupt files in the same way as viruses and instead intercept user data and send it to a third party. “MALware” is also different from “Ransom ware” which hijacks your computer and forces you to pay a ransom to get your data back from the attackers.
Mal directs its approach by examining how people respond to “Phishing Scams”. Phishing scams include links that are masked as destinations and sites that are trusted but include code that steals personal information. According to the FBI’s Internet Crime Complaint Center it was reported that people lost $57 million to phishing schemes in one year. These spoofs often use subdomains to imitate the legitimate links or links that have added subdomains such as a common one spoofing Chase Bank like “cha.se.com”, or “chase.anydomain.com”. These spoofs might also use subdomains to imitate the legitimate link such as links that have added subdomains like: cha.se.com, or chase.anydomain.com. Be sure to double check for hidden additional characters, or lookalike characters as well: cha-se.com, or chas3.com.
MAL is an artwork and bot that will automatically click on links based on a list of specific criteria that would specify that link to be fraudulent. This form of “Human Error” occurs constantly and the software, not the human, is typically blamed for these mistakes. MAL shows how human error could be designed into future forms of software to emphasize human frailty when using software systems.
A Few Criteria that expose suspicious links:
1. If the text link is different from the HTML link.
2. if the word in the link is too close to an existing URL.
3. If the embedded link is too long (longer than the text link).
4. If it links to a suspicious root domain.
5. If the link is masked by a link shortener.
6. If it links directly or redirects to a file rather than a web page.