Phishing is the number one scheme afaik. Basically the link looks legit, and the website you go to looks just as legit, but it’s a scam site built to get CC info or meta data out of the unsuspecting user. Usually it’s a letter off the normal site, or adds a period somewhere in the spelling. Something innocuous that you wouldn’t notice right away.

Another would be if the link has something attached to it, like a trojan, but I’m nowhere near knowledgeable enough to speak on that subject.