Looking Closely For A Bogus Link

Security Through Reading Links

As I stated before, bad guys are very smart. One way that they fool millions of people is by using links that appear legitimate but will take you to fraudulent sites (often replicas of legitimate websites) where they’ll steal your info, money, credentials and so on. To protect yourself, learn to distinguish good site addresses from bad ones.

The general format of a web address is: http://www.mywebsite.com/directories/filename.

When you have a site address that includes directories and filenames such as above, the main portion to look at is between the double slashes [after the http:] and the next slash immediately after the Top-level Domain or TLD.

In the example above, “mywebsite.com” is the real domain because it is immediately followed by the slash. If you see anything else between the TLD and the slash, it is bogus.

Let’s use an example URL: http://www.mywebsite.com/sample/samplefile.html  or if it has a subdomain: http://www.security.mywebsite.com/sample/samplefile.htm.

Here’s some ways criminals will try to trick you into visiting bogus sites:

Using a website misspelling: http://www.mywebsit.com/sample/samplefile.html

Comment: the URL at first glance looks like our example, but the scammer left off the “e” at the end and misspelled the domain name.

Using a subdomain look alike: http://security-mywebsite.com/sample/samplefile.html

Comment: “security-mywebsite.com” is a completely different address than mywebsite.com. The hyphen between “security” and “mywebsite” does not denote a subdomain, only a dot (.) operator does that.

Using part of a legitimate site in the address: http://www.mywebsite.com.scamsite.com/sample/samplefile.html

Comment: this address includes the name of our sample site but the fact that there is an additional dot(.) separator and another TLD tells you that the real domain is “scamsite.com” not “mywebsite.com”. There should only be one Top-level Domain or TLD (i.e. .com, .gov, .edu, etc.)

Using an “@” symbol with IP address: http://[email protected]/sample/samplefile.html

Comment: if you click this link, you’d be taken to a site with an IP address of 123.456.78.111 not to “mywebsite.com”.

Using a letter combination look alike: http://www.rnywebsite.com/sample/samplefile.html

Comment: Look closely. The scammer used an “r” and an “n” to represent the letter “m” in the “mywebsite.com” address. Other letter combinations can be used depending on the website name such as a double “v” in place of a “w” (i.e. vv) in an address. Look carefully!

In closing, look carefully at the website addresses you’re being taken to when clicking links. If you see anything awry, be suspicious. Bogus sites may subject you to drive-by downloads or try to trick you into disclosing confidential information that will be used to steal your identity.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 250+ Petabytes of data with over 800 employees around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause.