Identifying Nefarious Links

By | August 11, 2018

In order to protect yourself on the Internet, you need to be proficient at locating and identifying domain names. This is because, emails and attachments can be used to redirect you to sites that are loaded with bad content. Make sure you can:

  1. Verify the email sender.
  2. Verify any link contained in the message before clicking on it.

Domain?

The domain is the two words after the double slash at the beginging of the URL “//” and directly in front of the first single forward slash “/”.

In the below examples the domain is “it-authority.com

  • ftp://lake.it-authority.com
  • http://Disney.it-authority.com/fort-wilderness
  • https://it-authority.com/ljhskdhfkubdfbbwd76873783/’jbdjnn?

Sometimes the change to a domain is subtle in order to trick you. The links below are NOT the same domain as above:

  • http://Disney.iit-authority.com/fort-wilderness (extra “i”)
  • http://it-authority.co/fort-wilderness (.co not .com)

Links

To prevent being redirected to a bad site you need to hover over all links before clicking on them. After a moment you will see the path or URL that you will be directed to, as in the picture below.

We can see that the message is from Symantec.com and the link is also from the same domain.

Try hovering over this link: www.apple.com

If hovering does not work click on it.

Who Sent It

When receiving an email asking you to take some action or follow a link, begin by looking at the sender’s email domain at the top of the message.

Let’s say you receive the following email:

You open it and see the sender is: dtrump@whitehouse.gov. The name “Donald Trum” is unimportant as it can be changed.

It “looks” to be legitimate, other than the spelling errors, but did you know that the reply address can be different than the sender’s!

When you reply you now see: bhobama@whitehouse.ru.

Note some common mistakes such as unusual wording (comrade), spelling (lade not lady), strange characters (ÿ) and capitalization.

iOS:

It’s a little trickier on the phone, as you can only see their display name in the email- and this can be anything. In order to see the actual sender’s address, you have to tap on the display name in the “from” field at the top, then the email address will be displayed. A good rule of thumb is not to send sensitive information via email, period.