Deceptive Addresses - Article 3719

Scammers often create a web site name that includes some relevant words, but careful examination reveals it is bogus. This is especially true of web addresses (URLs).

For example, the following URLs are from email messages that purport to come from ITS:

Example 1: http: //uiowaoutlook.uiowa.com.ru/outlook.htm 

Example 2: http: //216.32.44.201/outlook.htm

You can tell these are bogus links, even though they both contain variations on “ITS" or "uiowa”. Ignore everything that comes after http:// and the first “/”. What remains is the actual site name:

Example 1: http: //uiowaoutlook.uiowa.edu.ru/outlook.htm 

The first example includes “uiowa.edu,” but ends with “.ru” The “.ru” indicates a site in Russia, an unlikely origin for a message about any UIowa account.

The second example doesn’t have the host name, just the numeric address (IP address) that underlies a host name. A URL that only includes an IP address should be treated with great suspicion.

Example 2: http: //216.32.44.201/outlook.htm

Watch for simple letter substitutions. For example, you might also see something like service@ u1owa.edu, with an “1” (numeral 1) instead of an “i” (lowercase i) in “uiowa.”Other common examples may include:  http: //its.uiowa.edu.ty or Helpdesk@ its.ui0wa.edu 

How to Spot Fake Email Addresses | Understanding Web Site Names | Concealed Web Site Addresses | Forged Email Addresses

Info Center: