Recognizing a deceptive link – Article 3718 - Article 3718

Deceptive links are a common trick used by scammers, both in emails and on web pages (especially advertisements). They will create a link that mimics a legitimate web address—but when you click it, it takes you to a completely different site than you expected.

An example: A phishing email sent to individuals here at the UI included the link:

www.its.uiowa.edu/webmail

Sounds legit, right? However, the underlying address was completely different, so when people clicked it they were sent to something more like this:

www.abc-bad-link.com/use/upgrade/form.html

What’s the worst that could happen if you click one of those bad links? Your computer could be infected with malware … and an infected system can do just about anything, from stealing your personal information to spamming your unsuspecting contacts in an effort to infect their machines.

So how can you tell if a link is deceptive?

BEFORE you click it, hover your mouse over the link. The link it actually leads to should pop up in a box or bubble (and it may even warn you of a mismatch). Look at the URLs closely to make sure they match.

Also, be cautious of any link that doesn’t clearly indicate where it leads—particularly links that say “click here” or those that do not disclose where you go when you click them, such as those provided by URL shortening services (tinyURL, bitly, etc.).

How to Spot Fake Email Addresses | Understanding Web Site Names | Deceptive Addresses | Forged Email Addresses

Info Center: