What do all of the most successful hackers have in common?
Mastery of social engineering!
Turns out we are the weak link…
Social engineering is the art of psychologically manipulating individuals into giving up confidential information.
Unfortunately, socially engineered attacks are not only becoming more common, but they’re also growing more sophisticated.
And as humans, we don’t seem to be adapting as rapidly.
Recently, Questionnaire scams have hit premium publishers’ sites, showcasing high-level social engineering.
With connected devices in nearly every household along with the possible economic downturn in the background, the lure of questionnaires scams is at an all-time high.
The Malicious Pursuit
As it turns out, all bad actors have one purpose—to shift the user.
Pop-ups promoting questionnaire scams cleverly use social engineering attacks to trick users into filling out forms, which ultimately steal their information or may install malware onto their devices.
The combination of effective social engineering lures and copycat site builds, drives users to blindly follow the malicious prompts.
You’ve been personally selected to take part in our Browser Opinion Questionaire! Tell us what you think of Google Chrome and to say, “Thank You” you’ll instantly receive a chance to win an Apple Iphone11!
As it turns out, the above message is not from Google.
But for users caught off guard while surfing on a trusted publishers site, it seems possible that it could be legitimate.
Instead, the pop-up has been intentionally planted by a scammer to rob users under false pretenses.
Clicking on the ad redirects users to the questionnaires landing page. Unfortunately, users often become trapped on the page as these malicious sites often employ scripts that prevent users from closing browsing tabs or windows.
Next, after answering a series of questions, the questionnaire will conclude with a section for a user’s email address and password.
But Isn’t that obvious red flag number one?
Cybercriminals convince users the information is necessary to redeem their gifts or for follow-up procedures.
Meanwhile, to push any doubt out of a user’s mind fake comments are built right into the scam to convince users that other users are actively participating and receiving their prizes!
The Damage is Done
With only a few keystrokes, users have played right into the hands of cybercriminals.
Upon questionnaire completion, users may check their email for follow-up info which may contain malicious files, data-stealing malware or ransomware.
Unfortunately, the ecosystem is full of bad actors looking to take advantage of publishers and users.
And not to mention, users on premium publishers’ sites are particularly vulnerable to these Questionnaire Phishing Attacks, as they may reflexively trust an ad on a known publisher’s site.
As publishers know well, a strong publisher is only as good as the user experience it provides.
And today, publishers are at the mercy of their socially empowered users. If users find a site risky, it may become an extension of the company’s reputation and perceived identity.
A couple of viral tweets or a string of criticism-fueled posts on Facebook are all it takes to damage a strong publisher’s reputation.
Now more than ever, the current climate calls for publishers to protect their brand and users with an ad security tool.
Publishers around the world rely on GeoEdge to stop malicious and low-quality ads from reaching their audience.
GeoEdge allows publishers to maximize their ad revenue without quality concerns, protect their brand reputation, and increase their user loyalty.