A common trick used in fraudulent emails is to create a link that mimicks a legitimate web address, but have it link to or take you somewhere different when clicked. The same concern applies to links on a web page, especially advertisements.
For example, a link claiming to be from ITS (as seen in a phishing email) was seen as "www.its.uiowa.edu/webmail/". However, the underlying address was something completely different, pointing to "www.amellinc.com/phpforms/use/upgrade./form1.html".
When you hold (hover) your mouse over a link in an email message or your browser, it may display the actual URL the link leads to, and may even warn you of a mismatch. Look at the URLs closely to make sure they match and are not mimicking a legitimate address.
Also be cautious of any link that doesn’t clearly indicate where it leads, particularly links that say “click here” or links that do not disclose at all where you go when you click them, such as those provided by URL shortening services (tinyURL, bitly, etc.).