The Learning Center
Home  »  Learn  »  Online Safety  »  Avoiding Phishing Links

Watch Out for Phishing Links and Test Them to Avoid Scams

Phishing links, shady URLs and more
 Share the knowledge!

One of the things we have mentioned to do in the past to help your cyber security is to beware of suspicious emails, especially phishing links.

What is a phishing link, you ask?

First, you must understand what phishing is. We have an article to help you there.

Essentially,phishing is an attempt to lure you into a scam, usually via email. Often, the message of the email tries to lure you to reply of send information.

But not always. Sometimes they want you to click on a shady link.

As you know, online scammers hope to gain access to your computer in any way possible, and one of those ways is to bait you with phishing links that you might want to click on. Once you innocently click on that “link,” you could be headed for danger.

And while phishing emails are one of the ways that these links are passed around, they aren’t the only ones.

There are dangerous links floating around the internet all the time, waiting for some unsuspecting victim to click.

More specifically, you’re going to come across enticing links in your everyday online routine. That link, which sends you to a website or web page, usually has its own special “URL,”what we call the web address.

And with one errant click you make on a shady URL, a hacker can get easy access to your personal information on your computer.

So, where do these dangerous and suspicious links hide?

  • How about that sweepstakes ad that popped up on your computer, saying you’ve won a contest you don’t even remember entering?
  • Or that link you should click on immediately if you want to win that free iPad
  • And remember that post someone forwarded you on Facebook, with the shocking video of the celebrity?

All of these could be baited hooks, waiting for you to bite...and get caught.

Rather than finding out the hard way by becoming a victim, follow these tips to be smart before you click. (And share these with your friends and family too.)

  • 1. Be wary of abbreviated links.

    Currently, one of the top ways to post a link on Twitter, without having it use up all of your characters, is to use a service such as bit.ly to shorten the link. What ends up happening, though, is any identification that was available before is now hidden.

    What could actually be “Imgoingtostealyourbankaccountinformation.com/badguy” gets presented to you as http://bitly.is/28s0d2. Many legitimate businesses use shortened links to make them less intimidating, but that doesn’t mean it’s safe to trust all of them.

    Smart tip: If you’d like to see the expanded version of a short link, try (carefully) right-clicking on the link to copy and paste it into a site like checkshorturl.com or expandurl.net. URL scanners, such as ScanURL or AVG Threatlabs, are also helpful. They can let you know if the link you’re questioning has been reported for malware, viruses, or phishing attempts. If you do not get the “seal of approval” from one of these sites,avoid the link.

  • 2. Avoid strange “characters.”

    Just as certain qualities in a person on the street made you think “stranger danger” as a kid, so there are features of a URL to watch out for. If a potential phishing link contains any strange or unusual symbols or characters, you’re better off avoiding it or running it through a URL scanner.

    So, what qualifies for stranger characters? These do: " < > # % { } | \ ^ ~ [ ] `)

  • 3. Use malware protection and auto-settings

    If you have malware protection software on your computer, make sure it’s up to date. And if you know you are prone to be click-happy, it’s probably best for you to turn on the active-scanning options that come with the software.

    These safety settings are there to identify and stop malware before it infects your computer, rather than trying to clean up the mess afterwards. If you don’t have any malware protection, consider purchasing some for added safety (a typical cyber security recommendation).

Think critically before you click...on anything.

It’s more important than ever to be leery of everything you choose to click when you are on a device. Remember that most fraudsters are hoping you will take their bait, so if it sounds too good to be true (if it seems a little too lurid) avoid it!

For instance, if you were to receive an unsolicited email that is requesting sensitive information, always think twice. It may be smart to get into the habit of checking all sites that come to you requesting sensitive information, such as updating user account information or making any payments outside of your normal bills.

With free resources that you just learned about, like URL scanners, there’s no reason not to double check the sources.

In summary, it’s time for all of us to realize phishing links are out there, and it’s hard, at a glance, to tell a shady URL from a legitimate one. So, slow down, follow our advice, and always, always, think before you click.

Related Articles