Hackers Hide in the Hyperlinks: Spotting Malicious URLs

Hackers Hide in the Hyperlinks: Spotting Malicious URLs

Whether browsing the Web, using social media, or checking your email, it’s important to exercise caution when encountering links. Cybercriminals actively craft deceptive links to steal personal information or infect devices with malware.

Here’s what to look out for:

Hover Before You Click

To identify a malicious link, you must first see where it goes. Hover your mouse cursor over the link’s text, but don’t click on it. This allows you to preview the full destination address before deciding whether to proceed. Be very wary of links trying to send you to an unknown site other than what’s expected based on the context.

Look for HTTPS at the Start

Legitimate websites will use “https://” to indicate that the page connection is secured using SSL encryption. However, just seeing the “s” does not guarantee safety, so further inspection is needed.

Observe the Subdomain

It’s important to pay attention not just to the overall domain name but also to any subdomains listed before the main domain. This is often just “www,” but it can be anything. You might have seen something like “mail.google.com,” and that’s perfectly legitimate.

However, an attacker could use the subdomain to look like the actual domain. For example, “google-mail-login.fake-domain.com.”

The domain you will go to when clicked is “fake-domain.com,” not Google.

Watch out for Special Characters

Look out for hyphens in the domain name. A hyphen alone doesn’t mean a website is malicious – many websites have hyphens in their domain names – however, it is a common trick to emulate a well-known domain name.

For example, a link to “www.g-oogle.com” would be suspicious, as Google’s actual domain is simply “www.google.com.” The extra hyphen is a red flag that the site could be impersonating Google.

Look at the Extension

Another essential aspect to scrutinize regarding domains is the top-level extension at the end. Common extensions for legitimate websites include “.com,” “.org,” “.edu,” “.gov,” and country-specific endings such as “.ca” for Canada or “.uk” for the United Kingdom. However, cybercriminals may use alternative extensions, hoping to disguise malicious sites. Be wary of unfamiliar extensions or ones that don’t align with the expected use case. For example, a banking site using “.net” instead of “.com” could indicate a phishing attempt.

Staying vigilant and taking the time to inspect links quickly can help shield you from the majority of online threats. If any part of a link raises concerns about where it may lead, it’s usually best not to risk clicking until you’ve had a chance to verify the context through other trusted means.

Maintaining cautious Web habits is the easiest way to help avoid becoming the victim of deceptive scams or malware attacks online.

If you think you have clicked on a malicious link, contact us at (570)779-4018 today and see how we can help.