Point At URL BEFORE You Click

by Tony Bradley [Published on 19 May 2005 / Last Updated on 19 May 2005]

Many spam offers and phishing scams trick users into going to a web site that has nothing to do with what the URL appears to link to. Before you click, take a look at the true URL behind the link.

I realize that the majority of the people in the world are not security experts. In fact, far  from being experts, I understand that they may know little to nothing about basic computer and Internet security.

That said, I am still constantly baffled at just how little social engineering it takes for users to fall for a malicious message and become victimized by the latest virus or phishing scam. A message claiming to be from Paypal.com stating in broken English that your account needs to be updated is probably NOT actually from Paypal. I am sure they have people who check the grammar and spelling before bulletins are sent to their customers.

People should have realized a LONG time ago that blank messages with password-protected ZIP file attachments called "details" are probably just another variant of the Bagle or Mydoom or Netsky worms, yet people still open email file attachments, password protected or not, just to see what is inside regardless of whether or not they have any clue who the sender is.

The whole idea of basic user security awareness training is an entirely separate issue that I can't hope to solve in this one short tip. But, here is one idea that may help you. When you receive an email with a web link in it, or even if you are on the Web and preparing to click on a link, stop and point at it for a second before you click.

When a URL link is inserted into an email or a web site, there are two parts to it: the text that is displayed and the actual URL it links to. Often, those with mischievous or maicious intent will have the text display one thing, while the underlying URL goes to something else entirely.

If you point at an underlined link from within Outlook, a pop-up window will display the actual URL behind it. Similarly, if you point at a Web link from within Internet Explorer the URL that it links to is displayed in the information bar at the bottom left of the screen.

So, next time you get a message claiming to be from Bank of America and asking you to please click on the link to update your personal data, point at that web link that says "www.bankofamerica.com" and make sure the underlying link doesn't say something like "trojan.malware.123.stealusersidentity.net".

Better yet, don't ever click on a link from within an email. Even if you are virtually sure that it is a legitimate request. Exit the email and open your own Web browser window and manually enter the URL to ensure you get to the right place rather than risk being redirected to a malicious site.

Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).

See Also

Featured Links