As of late, ransomware (malicious software that forces the victim to pay up or lose everything on the computer by encrypting everything) has become rampant and the best way to defend against it is to be wary of it. DeviantArt has been hit with 'bot' accounts that have started developing tactics to lure unsuspecting users to go to sites riddled with a rather-powerful ransomware called Cerber and account-jacking software as well. From there, this will force the target to pay up and will continue to spread by using the account you used along with any emails they can find tied to that account to further widen the area of effect.
Question: "If this is happening on DeviantArt, why are you bringing this up here?"
Answer: Because of the nature of these bots, it is possible we may see something like this. I would rather our forums remain knowledgeable and safe than without this knowledge and be put at-risk.
Question: "Point taken, but what can be done to stop this from happening?"
Answer: While we as the staff can take care of the accounts that may start up acting like these ransomware bots, we may not catch all of them. If you find any, do not respond to them... instead report them if they are posting suspicious links or report their profile if their profile contains nothing but these suspicious links. To report a post, look for a button that looks like this:
on the post. To report a profile, go to the user's profile and then choose from the Actions menu the "Report Profile" to submit a profile report (image below to clarify). This will notify the staff that something is wrong.
Question: "How will I know if such a user is present or how can I tell this type of user from maybe a valid member?"
Answer: That is probably one of the more important questions to be asked. The main-tactic they will try to do is spam a link, either by repeatedly posting it or posting it to be hidden within their post (as hyperlinked text), or even just saying "come see my profile!" and having the link strewn-about in various places within the profile. All it takes is one curious-click to it for damage to possibly be done.
Question: "Are you telling me that all links repeatedly-posted are bad?"
Answer: Not at all. However, I will show you a few ways you can see some bad links. Do not click these as these are example methods of how users might drop links.
First up, the Direct method: www.example.com Simple, no alterations in BBC, quick-and-easy to get out there. This is the way most users would drop a link to be seen.
Second, Hidden Link method (text and link) : Example Text www.anothersite.com [url=www.example.com]Example Text[/url] [url=www.example.com]www.anothersite.com[/url] This one is harder to tell what's exactly in it because they hide the link within the text for the first one and the link is hidden within another link in the second one to intentionally take you to a site that you did not expect.
Third, Hidden Link method (images): 
[url=www.example.com][img]http://i.imgur.com/BpKopko.png[/img][/url]In this version, it's harder to pull off since it requires more forethought of the the code we use, which is BBCode, and how it behaves to prevent breaking the link or breaking the image. It's harder to even tell that this is even a link unless you put your cursor over it (which in some cases, it may be "underlined").
In all three link-cases, you should be able to put your mouse over the link and even get a small notification of where the link goes (depending on your browser/OS). If you are not familiar with the link,
don't click it! While some blatantly-malicious links are well-known, there are quite a number out there that aren't.
Question: "I've clicked a bad link! HELP!"
Answer: Calm-down, run an anti-virus/anti-malware scan, and change the password of your account on here (make sure it is secure! No less than 8 characters, no less than one upper-case, no less than one lower-case, no less than one number, and no less than one symbol! I use 16 and no less than two of each personally) and on the email you have connected to the forums. Do not wait to do so, but do not let it worry you.
Question: "You mentioned that we should be wary of links, but you used 'example.com'... is it safe?"
Answer: The link 'example.com' is safe, but if you do not believe me, mouse-over it and verify for yourself that it does indeed go to example.com. If needed, copy-and-paste that link (right-click, copy-link address) then paste it into a URL scanner. Example.com is a reserved site and domain for educational purposes.
Question: "Okay, I've found a link, but how do I tell where it goes?"
Answer: Mousing-over a link or an image (if it is linked) will often show a "This link will take you to this location" Here is another example that might help out in how to see the link, which is just by mousing-over (no click involved) the said-link. Where it will be depends on your browser, Chrome usually does it in the bottom-left of the screen while some will do it next to the mouse-icon (as shown here as an example, do not follow the links they use though).
Also of mention by A briskly little challenger, some browsers may not do the mouse-over view (as I have found out that is a Java function if it is installed), but also provided by A briskly little challenger, there is the Inspect Element method. Right-click on the link/image and choose Inspect or (Inspect Element depending on what browser you are using). This will bring up a small window within your browser that will look something like this (used the anothersite as the example here). When you do this the link's text and direction url should be selected as what you are inspecting.
If you have any further questions pertaining to this, please do drop a PM to me and I may add the question to the FAQ's if it is relevant along with an answer for it.
Edit1: Update to include both the mouse-hover and the Inspect (Inspect Element) methods.
Topic: Something of mention to all members: (Read 27114 times)