Look both ways before clicking

How to preview URLs to avoid dangerous links

Do you know the difference between a link and a URL?  The link is the text you see in an email or on a webpage, and the URL is the underlying address that you will be redirected to once you click.  Hackers can easily disguise the link to look like a legitimate destination, by cloaking the URL with harmless looking text or, even worse, a different address altogether.  These are two different “ways” to view the link.

Link:    Click here to access the website

URL:    <Https://webaddress.com/page>

You should always look at both ways (Link & URL) *before* clicking.  This article shows you how to do so on your various devices.

Phishing attacks typically involve sending emails or messages with links that appear trustworthy but redirect users to fraudulent sites. These sites can compromise personal information or install malware on devices. For instance, a link may seem to direct you to your bank’s website but could actually lead to a fake site designed to steal your credentials. Therefore, verifying the authenticity of links before clicking is essential.

 

Link vs URL

In an email, you may see text that is underlined, which indicates that it is a link that will redirect you to a page on a website or a file to download.  We are referring to the text as the “Link”, and the underlying address as the URL.  In the email, the text is plainly displayed, but the URL is hidden “behind” it.

Examples of links:

* Please click here to be directed to our webpage.

* To access our services, you must login.

* Download the file from our download page.

* The link may also be embedded in a image, for instance and image which states “Log in”.

 

Since the URLs in each example are hidden, how do you know where you will be redirected?  Since it is vital to know where you will be redirected before you click, programs and devices make it easy to inspect the URL.

 

Methods for URL inspection

On a PC or MAC – Hover over the link

One of the simplest ways to check a URL is by hovering over it with your cursor. This action usually reveals the actual destination URL in the status bar of your browser or email program, allowing you to inspect the URL without clicking on it.

 

On a mobile device (tablet, iPhone, Android, etc.) – Long press (Tap and hold)

On mobile devices, you can long-press the link.  This will result in a pop-up display showing the URL of the link and some other options.

 

What to do with the URL after you find it

Hopefully, seeing the actual URL will give you enough information to trust or reject it.

Some reasons to reject the URL:

* The URL shows something similar but not quite the same as what you are expecting: i.e. you are expecting a link to Amazon, but the URL contains “Annazon”

* The URL shows something completely different than what you are expecting: i.e. you are expecting a link to Walmart, but the URL contains “jack-university.com”

* The text link is displayed as a URL, but it is different than the actual URL.  This is a major red-flag!

Unfortunately, just seeing the URL is sometimes not enough.  If you are not sure, then reach out to someone who is more familiar with such things.  In the case of HDF’s clients, you can always email us.

If you have questions about this, please let us know and we will be happy to assist you.
Take care,