Their are several rules that people of Google Plus should follow. They are unwritten rules that keep you safe. These rules don’t just apply to Google Plus. They apply to most websites.
- Never Click On A Link Unless You Know The URL
- Never Click On A Link Unless You Know The Person Who Gave It To You
Those rules just being stated. I will now give you an example of something that isn’t malicious but could scare someone who clicks on it.
<meta http-equiv="refresh" content="0;https://accounts.google.com/Logout?service=profiles&continue=https://plus.google.com?hl%3Den-US"/>
Pretty much what the above code does is logs the user out of Google Plus. However their is nothing stopping any one from creating something that can really cause some serious damage.
Also a very common thing is people will usually see URL’s that appear to big pictures. Like http://www.bennix.net/fuckmebaby.png When people see a URL that ends with things like .JPG, ,PNG, .GIF, or any picture format they feel that they can trust it. However that is deceiving. Let’s make a our webpage look as though users are going to click on a page. It is very simple. We just create a directory that is named something.jpg like the following.
Now since this is a directory we can drop any file into. Usually their is a default name for web files on webservers. So if we are using an unmodified Apache Server the default file name is index.html. So we save the file as index,html and then we copy it to the something.jpg directory.
cp index.html something.jpg/index.html
Now the file looks as though it is an image stored on the server. The examples in this tutorial are harmless. But their is nothing stopping this from being used for malicious purposes.