Hackers Hide in the Hyperlinks: Spotting Malicious URLs

Whether browsing the Web, using social media, or checking your email, it's important to exercise caution when encountering links. Cybercriminals actively craft deceptive links to steal personal information or infect devices with malware.

Here’s what to look out for:

Hover Before You Click

To identify a malicious link, you must first see where it goes. Hover your mouse cursor over the link's text, but don't click on it. This lets you preview the full destination address before deciding whether to proceed. Be very wary of any link that would send you to an unknown site rather than the one you would expect from the context.

Look for HTTPS at the Start

Legitimate websites use "https://" to indicate that the connection to the page is encrypted with SSL/TLS. However, the "s" alone does not guarantee that a site is safe, so further inspection is needed.

Observe the Subdomain

It's important to pay attention not just to the overall domain name but also to any subdomains listed before the main domain. This is often just “www,” but it can be anything. You might have seen something like “mail.google.com,” and that’s perfectly legitimate.

However, an attacker could use the subdomain to imitate the real domain, for example “google-mail-login.fake-domain.com.”

The domain you would actually visit by clicking that link is “fake-domain.com,” not Google.

Watch out for Special Characters

Look out for hyphens in the domain name. A hyphen alone doesn't mean a website is malicious – many websites have hyphens in their domain names – but adding one is a common trick for imitating a well-known domain name.

For example, a link to “www.g-oogle.com” would be suspicious, as Google's actual domain is simply “www.google.com.” The extra hyphen is a red flag that the site could be impersonating Google.

Look at the Extension

Another essential aspect to scrutinize regarding domains is the top-level extension at the end. Common extensions for legitimate websites include “.com,” “.org,” “.edu,” “.gov,” and country-specific endings such as “.au” for Australia or “.uk” for the United Kingdom. However, cybercriminals may use alternative extensions, hoping to disguise malicious sites. Be wary of unfamiliar extensions or ones that don't align with the expected use case. For example, a banking site using “.net” instead of “.com” could indicate a phishing attempt.
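
The checks from the sections above can also be applied automatically. The following Python sketch is an added example, not part of the original article; the brand list and the short list of two-part country suffixes are assumptions standing in for real data such as the Public Suffix List, and the sample links are constructed from the article's examples.

```python
from urllib.parse import urlsplit

# Assumption: tiny stand-in for the Public Suffix List; real tooling should load the full list.
TWO_LABEL_SUFFIXES = {"com.au", "net.au", "org.au", "co.uk", "org.uk"}
# Assumption: brands this hypothetical checker watches, with their genuine domains.
KNOWN_BRANDS = {"google": {"google.com"}}
# The extensions the article lists as common for legitimate sites.
COMMON_EXTENSIONS = {"com", "org", "edu", "gov", "au", "uk"}


def registrable_domain(host):
    """Return the part of the hostname that decides who owns the site."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def inspect_link(url):
    """Return (registrable domain, warnings) for one fully qualified link."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "", ["no-host"]
    domain = registrable_domain(host)
    subdomain = host[: -len(domain)].rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")
    for brand, genuine in KNOWN_BRANDS.items():
        if domain in genuine:
            continue  # e.g. mail.google.com really is Google
        if brand in subdomain:
            warnings.append(f"brand-in-subdomain:{brand}")
        if domain.replace("-", "") in genuine:
            warnings.append(f"hyphen-lookalike:{brand}")
    extension = domain.rsplit(".", 1)[-1]
    if extension not in COMMON_EXTENSIONS:
        warnings.append(f"unfamiliar-extension:{extension}")
    return domain, warnings


# Constructed sample links based on the article's examples.
SAMPLES = ["https://mail.google.com/",
           "https://google-mail-login.fake-domain.com/",
           "http://www.g-oogle.com/"]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", inspect_link(link))
```

A warning is a prompt to look closer, not a verdict: an empty warning list does not prove a link is safe, and a flagged link is not necessarily malicious.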

Staying vigilant and taking a moment to inspect links can help shield you from the majority of online threats. If any part of a link raises concerns about where it may lead, it's usually best not to risk clicking until you’ve had a chance to verify the context through other trusted means.

Maintaining cautious Web habits is the easiest way to help avoid becoming the victim of deceptive scams or malware attacks online.

How Cyber Guys can Help

The best way to prevent your company from getting infected, hacked or otherwise suffering a cyber incident is to give your staff the power of User Awareness Training. Cyber crime cost Australian small businesses on average $45,000 per incident, and of those, 90% were caused by human error directly or indirectly. 92.6% of all reports to the Australian Cyber Security Centre in 2021-2022 were from small businesses with a turnover of less than $2 million. Could your small business afford this? Call us today on (07) 3326 2373 to speak to us about training for your staff.
