PS: Sorry my english, but isn't my naive language.

In the early Internet days, or better, when we had Internet for the first time... can you remember the happiness of receiving our first e-mail message? Can you remember how emotion'd you was when you saw your "Welcome to our e-mail program" mail, even with the fact that that was an automatic message?

Yes, probably younger deviants don't know that feeling since they always had Internet. But we older deviants could remember that.

Old deviants, surely will remember those emails saying:
"Hey, you. I've got a mail from a friend of your friend. How small is the world! Well, I have something to propose you. I've received a lot of money from my grandma that died, and I want to put a Koala-exporting enterprise. Koala meat is tasty and highly valuated in the world. If the enterprise is good, a Koala exporting enterprise can give about $1.000.000 to their workers daily.

But I can't do this alone. I need some help from someone in which I trust. And that's why I'm contacting you."

Well, surely your mail didn't had a Koala related message, but I'm sure you grab the idea. Having a good idea, a good story and a good bank account, you can make millions of dollars with those poor tweets that are roaming in the world. Always there's a fool that falls, that's the idea.

Now we have (well, not we. You have) super fast Internet connections over 2 Mbps (no, I have only 128. Yes, I live in a third world country. So what?), and the pages are fully loaded with incredible Flash animations, Java games/scripts, dynamic HTML (Yes, dA has loads of that. If you don't believe me, try to use dA on Elinks or early versions of Konqueror). But one thing remains like in the first days of the network... and that is the form of trying to reach the people.

And this is what is called "Social engineering".

Hackers will recognize it from far away. The social engineering consists in the methods for convince someone to do something that normally he wouldn't. Example, if I come to you, tell you "Do you know... I have cancer and I need money...", and you that normally don't give money, give me some, I'm applying social engineering with you, and I'm successful.

In the world of hacking, that is applied normally to steal passwords. By example, if you receive an email that apparently comes from MSN staff telling that they need to update a data from you, you follow the link in the email and they ask you your e-mail and password, you could just being fooled by the trick. MSN staff's mails always have the butterfly icon. Other mailing systems has their own styles. But as most people don't watch if the URL (Internet address) is fake, lot of people falls.

When the e-mail virus appeared, they started to do their social engineering trick adding something very important: The trust relation. If a friend comes to you saying "I need $35, could you help me?" and a guy that you don't know comes to you saying "I need $35, could you help me?"... who's more trusty?

(OK, OK, some friends aren't so trusty like the unknown guy. But you understand the idea).

If I receive an email from a friend telling me "Look at this word document, it rocks", is very possible that I could open it, because "I trust in my friend". Thing that wouldn't happen if I receive that from an address I never knew that existed.

That was exploited by virus makers, and that was one of the reasons why IloveYou had so big acceptation.

And now dA. DeviantArt.
Had a virus based on the trust of the friends. "Come, check out this, could be of your interest" only 1 week ago. And now we have another one?

Please have in mind the following, that will help you not only on dA, also will help you outside:
Virus creators want you to do it.

Now, you'll ask: "and how to discriminate when something is a real thing that you friend wanted to send you from something that another person posted?"
Well, here are my steps. Arent the only ones, but you can make you an idea.

1. Ask your friend. If he posts an URL and you can't guess what it is, ask him "What is that?". You could even hide the comment and send him a note. Beware with the address. Is easy to confuse "youtube.com" with "yutube.com" or "wikipedia.org" with "wiskypedia.org", or "webforchildren.com" with "4chan.org". Beware.

2. Try to guess the URL. Isn't the same an URL like "uncyclopedia.org/wiki/Marilyn Manson" that "iamsocool.blogger.com/old/article/howtobehackedeasily.html".
Bonus track: Are you receiving TinyURL addresses? You can see the real URL before opening them. Just go [link] and copy it on there.

3. Your friend normally send links into the comments? Also, the grammar of the message... Is something that normally he would send? I mean. If you have a friend that luckily knows something on english and I receive a full message from him on the Shakespeare's language, then... we could suspect.
If you're going to post an URL, always tell something about it, and identify yourself. Identifying the destinatary is important too. It gives "customization" to the message.
Example: Hey, Emilse, you could check (url). Is very funny, about rickrolling" sound much more friendly and custom to my friend Ch********vi than just "Hey, check out this that could be of your interest (url)".
4. Don't log again. If you was perfectly logged on on DA, and after seeing a comment it asks you for username and password again... Why you logged out, in first place?
In another window (or tab) open dA main page, log in, and after that, in the "login window" of the possible virus, hit F5. If isn't fake, your browser will load the page. If is fake, will ask you for login again.

And...

5. Please, please, study a bit. Don't be one of those guys that falls with anything. Don't be a guy that if I say "I want you to die" you run to commit suicide. Don't be the guy that if I say "You should delete the RESOURCES folder inside your Windows folder because it wastes space" you go and do it.

That's my small contribution. Thanks you for your time.
Now you can throw me some cancer or whatever.
Also, I'm not a hacker expert. I used the "hacker" denomination, but the real hackers aren't interested in doing things like a virus. That's for lamers.
Also, this could have some inaccuracies. I know. This is directed more for normal people than computer geeks.
Greetings.