Links are not really dangerous. Until you click on them. So, why are hackers sending links?
Attackers want you to do one of the following:
- Take you to a fake website, where you may enter your credentials thinking it is a well-known website
- Verify your email is valid so they can bombard you with more dangerous emails
- Exploit your web browser to take control of your PC and download malicious code like ransomware
These links can look like an actual URL (website address) leading you to a website.
Sometimes, links are look-a-likes. For example, ATCOM’s URL is www.atcombts.com, so a hacker may slightly change one letter, such as the “m” to an “n”, and your eye may not catch it: www.atconbts.com. A quick glance may make the website look identical, making it easy to overlook the substitution.
Other times, a “look-a-like” may use a hyphen. www.atcom-bts.com.
Carefully examine a URL to determine if it is legitimate. An excellent way to do this is to read it backwards. When reading it from right to left, your eyes may catch something you would not usually see: http://atcombts.hacker.com. In this example, a new website was inserted, and clicking on a link would take you to hacker.com, not atcombts.com. Also, to be safe, the HTTP should include an “s”, so it should say HTTPS or have a lock symbol before the website.
When in doubt, go manually to a website or a previously saved bookmarked location. Only click on emails that you trust. Don’t be tricked by emails that make something seem urgent.
Written by Bryan Sayers