Criminals do their best to mask their intentions. One of the tricks they use is to mask a fraudulent website with something innocent or difficult to decipher. Three tips to avoid malicious email links
If a fraudster convinces a person to open an email scam, that’s half the battle. The other half is convincing that same person to click on a malicious link. One way to accomplish that goal is to add a “skin” to a link to make it look like something else. Three tips to avoid malicious email links
A skin changes the look of an underlying asset. Vehicles would look very different without a top layer of paint, or skin, which protects the metal beneath. The same is true for websites.
When a criminal adds a skin to a website, it changes the look of the asset. A website called robyoublind.com can have a skin that changes its identity to friendlylocalbank.com. How do they accomplish this? Test this example below: Three tips to avoid malicious email links
We’ll use the fake website http://wintersolsticebank.com as an example. If you receive an email alerting you to a potential fraudulent attack on your bank account with Winter Solstice Bank, you might be tempted to click the link provided in the email to change your password. If you clicked the link above, it didn’t direct you to the banking website, but rather the website http://ownyourdefense.net.
There is a way to see the true website a link will direct you to. If you hover your mouse cursor over the link, the true destination will appear on your screen, either on the lower left portion of your web browser or other location depending on the software you use. Never click a link unless you know precisely where it will take you.
While this technique is useful, it doesn’t work when a criminal uses a URL (Uniform Resource Locator) shortening service. A URL is just another name for a website address, so don’t let the techy name throw you off.
TinyURL, bitly, Ow.ly and other website shortening services offer a valuable way to transform painfully lengthy links into short, easy to manually type into a browser, and far more aesthetically pleasing links. Fraudsters might sometimes use these services to mask their malicious websites.
A criminal could use a website shortening service to modify the appearance of a website such as http://ripyouoffnow.com to look like something less threatening such as http://shortlinksite.com/dfg732. Hovering a cursor over a website that is shortened by such a service will show the address of the shortened link, not the ultimate destination address.
To pierce the veil of ambiguity and see where a shortened link will lead, right click on the link in your email, select Copy Link Location, and then open a new tab in your browser. Navigate to one of the shortened link unmasking services below and copy the shortened link into the website.
https://sitecheck.sucuri.net/
http://checkshorturl.com/
These websites will tell you exactly where a shortened link will take you and reveal other useful information about the site. Three tips to avoid malicious email links
The best policy to avoid malicious links contained in emails is to avoid clicking on anything in them. Instead, open a fresh tab in your web browser and manually type in the site you want to navigate to, or better yet, bookmark the safe site in your web browser and click on that instead. Always use caution when reviewing emails and you’ll never regret it. Three tips to avoid malicious email links
Three tips to avoid malicious email links
Three tips to avoid malicious email links Three tips to avoid malicious email links Three tips to avoid malicious email links Three tips to avoid malicious email links Three tips to avoid malicious email links
