Maybe a friend of yours found his Instagram or TikTok contact literally with changed credentials, why? He clicked one of the thousands of links deceptive messages that malicious people usually send via private message.

Misleading links, what they are and who sends them

Misleading links are sent, needless to say, by malicious people who want to steal data, in some cases they can aim to steal if there is any information that can somehow have access to your bank account and plunder it digitally.

In other cases it is “simply” attempts to be able to steal your account of a certain social network, one of the main reasons it’s definitely phishing.

Another reason why these links are often sent is spam, fraudulent advertising and various scams, although we will talk about especially account theft via deceptive links.

What these links contain on a technical level

On a technical level, it can be said, making it easy, that these links contain malicious code, very, very mildly; to be precise we can say that contain code written in programming languages.

However, very often, it is difficult what programming language these deceptive links may have been made in, as they are not all created equal.

For example, if the “A” link has JavaScript code that redirects you to a site that invites you to click by sending your bank credentials, others, such as those that change the credentials of your Instagram or TikTok account they may have code in PHP or other languages ​​that can automatically change your account credentials, bypassing platform controls.

How to recognize deceptive links

Below are some instructions that will help you understand how to recognize them, because this is the real challenge (especially for inexperienced users).

Examine the URL : Check the URL of the link carefully. Often, deceptive links contain spelling errors or subtle differences from the legitimate URL. Make sure the URL is spelled correctly and exactly matches that of the platform or website you intend to visit.

: Check the URL of the link carefully. Often, deceptive links contain spelling errors or subtle differences from the legitimate URL. Make sure the URL is spelled correctly and exactly matches that of the platform or website you intend to visit. Look at the overall look : Pay attention to the general appearance of the link. If it looks suspicious, don’t trust it. Links that are too long, complex or with strange characters can be warning signs.

: Pay attention to the general appearance of the link. If it looks suspicious, don’t trust it. Links that are too long, complex or with strange characters can be warning signs. Beware of suspicious emails : If you receive a link via email (which is not uncommon) and you’re not sure where it’s coming from, double check the sender’s address. Phishing emails often use addresses that look legitimate but contain minor differences.

: If you receive a link via email (which is not uncommon) and you’re not sure where it’s coming from, double check the sender’s address. Phishing emails often use addresses that look legitimate but contain minor differences. Click carefully : If you have any doubts about the legitimacy of a link, do not click it. It is best to manually search for the website or platform via a search engine or by typing in the known URL.

: If you have any doubts about the legitimacy of a link, do not click it. It is best to manually search for the website or platform via a search engine or by typing in the known URL. Use a preview link : Some messaging and social media services offer previews of links (such as Telegram does), this can help you see where the link will take you without having to open it directly.

: Some messaging and social media services offer previews of links (such as Telegram does), this can help you see where the link will take you without having to open it directly. Access requests : Beware of web pages that request access to your credentials (username and password) in an unexpected or unsolicited way. Never provide this information unless you are sure the request is legitimate.

: Beware of web pages that request access to your credentials (username and password) in an unexpected or unsolicited way. Never provide this information unless you are sure the request is legitimate. Check the reliability of the source : If you receive a link from a friend or contact, it could still be deceptive if the account has been compromised. Check with the sender if it was actually sent by him.

: If you receive a link from a friend or contact, it could still be deceptive if the account has been compromised. Check with the sender if it was actually sent by him. Use security tools : Some browsers and security software offer protection against malicious links. Make sure you are using up-to-date anti-virus and anti-malware software.

: Some browsers and security software offer protection against malicious links. Make sure you are using up-to-date anti-virus and anti-malware software. Keep your applications and operating system up to date : Updates often contain security fixes that can protect you from online threats, including malicious links.

: Updates often contain security fixes that can protect you from online threats, including malicious links. Be critical: Keep a critical mindset when dating links online. If something seems too good to be true or seems fishy to you, it’s best to stay away.

What to do if you have fallen into the trap

If you have fallen into the trap and it is too late to recover your account, don’t panic anyway, search the help center on the site or application concerned and send an email immediately, the sooner you do it, the sooner you will recover your account.

It should be noted that deceptive links are necessarily sent via a private message, but they can also be hidden in misleading advertising, often without the knowledge of the owners of a particular platform; for this reason even an AdBlocker can be essential as protection.

In summary, always be careful what and where you click and good luck!