Don’t log in!
Would you log into the Microsoft 365 online website in this image? Did you spot the problem? This article helps you identify fake websites and gives you one more reason to get a password manager.
More info:
- What is a URL? (Mozilla.org)
- How to check if a website is legit (Chase)
- What is a fake or scam website? (NordVPN)
The header image of this article looks like the legitimate login site for Microsoft 365 online services. And that’s the point. Nefarious actors create fake or cloned copies of legitimate websites to trick you into entering your credentials so they can capture them.
The Uniform Resource Locator (URL), or web address, that you type into a browser directs the browser to your desired location. Entering a URL with even one modified character could take you to a completely different website. The old adage about “horseshoes and hand grenades” does not apply here. Close is *not* enough.
This is the legitimate URL for Microsoft’s 365 online services: https://office.com
Which of these variations do you think will also lead you to Microsoft’s site?
1. https://microsoft-office.com
2. https://0ffice.com
3. https://OFFICE.COM
4. https://off.ice.com
5. https://office-ms.com
The answer is ONLY 3. Each of the other variations could take you to a different site, which, if designed to look like the Microsoft 365 login, could steal your credentials.
Note: even though variation 2 looks close, the first character is a “zero”, not an “o”.
You may not use Microsoft’s 365 online services, but this applies to websites that you do use… think about Amazon (https://amazoon.com), Macy’s (sale.com/macys), Google (g00gle.com) or Travelocity (traveloc1ty.com).
What to watch out for
Malicious email links
If you have any suspicions about an email, don’t click on any links. If you are a client of HDF and have a Phish Alert Button in your Outlook, then select the suspicious email and click the PAB button. If you are not a client of HDF, and worry that the suspicious email may be legitimate, then contact the sender through another means, perhaps by text or phone, to confirm the legitimacy of the message. If the message is from a company you normally do business with, you can also open a browser, type the company’s address directly and log in as you normally would WITHOUT clicking the link in the email.
Disguised links
The link you see may not be the link used. When you see the text of the link in an email or website, a nefarious actor may have faked the text. Hover your cursor over the link (without clicking) to see the actual URL. If there is EVER a discrepancy between the two, then DO NOT click it. There is no legitimate reason to show you a different URL.
Shortened links
URLs can be quite long, so several companies offer a service that provides a tiny or shortened version of the URL which links to the longer version. You may have seen URLs like: https://bit.ly/72hFF3 The danger is that, because the shortened link replaces the original URL, you no longer have the chance to evaluate it. Always be wary of shortened URLs, and if you do click one, check the resulting URL at the top of your browser immediately after the page is displayed to evaluate it.
URLs and case sensitivity
The case sensitivity of a website URL depends on the system that is hosting it. If the site is hosted on a Unix-based system, then the URL may be case sensitive. If the site is hosted on a Microsoft web host, then the URL is not case sensitive. The bottom line for the user is that, even if a website URL *is* case sensitive, the worst that can happen by entering the wrong case is receiving a “website cannot be found” error. You CANNOT be directed to the wrong site by entering the case incorrectly.
Another reason to use a Password Manager
As if there weren’t enough reasons to use a Password Manager so you don’t have to remember all of those unique passwords you are creating… you are creating unique passwords, aren’t you? A password manager will automatically fill in your credentials on the website. However, since the credentials are saved per website, if you are directed to a malicious link (such as the one in the header image of this article), your password manager WILL NOT fill in your credentials. Your Microsoft 365 online services credentials are saved with the correct https://office.com address, so your password manager cannot inadvertently enter them under the fake https://office-ms.com address. Score one for the good guys.
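The quiz near the top of this article and the password manager behaviour described above come down to the same comparison, shown here as an added example that is not taken from any real password manager. It assumes a simplified rule: fill only on an HTTPS page whose host name is the saved site or a subdomain of it (real products use more detailed matching rules).

```python
from urllib.parse import urlsplit

# The address the article says the Microsoft 365 credentials are saved under.
SAVED_SITE = "office.com"

# The legitimate address plus the five variations from the quiz.
CANDIDATES = [
    "https://office.com",
    "https://microsoft-office.com",
    "https://0ffice.com",
    "https://OFFICE.COM",
    "https://off.ice.com",
    "https://office-ms.com",
]

def host_of(url):
    """Return the host name of a URL, lower-cased, without a trailing dot."""
    host = urlsplit(url).hostname  # urlsplit already lower-cases the host
    if host is None:
        raise ValueError(f"no host name in {url!r}")
    return host.rstrip(".")

def would_autofill(url, saved_site=SAVED_SITE):
    """True only if the page's host is the saved site or a subdomain of it."""
    if urlsplit(url).scheme != "https":
        return False  # assumption: this model never fills on non-HTTPS pages
    host = host_of(url)
    saved = saved_site.lower()
    # The leading dot matters: "login.office.com" matches, "notoffice.com" does not.
    return host == saved or host.endswith("." + saved)

def explain(url, saved_site=SAVED_SITE):
    """One line per URL saying whether the saved login would be offered."""
    host = host_of(url)
    if would_autofill(url, saved_site):
        return f"{url}: fill (host {host} matches {saved_site})"
    return f"{url}: do NOT fill (host {host} is a different site)"

if __name__ == "__main__":
    for candidate in CANDIDATES:
        print(explain(candidate))
```

Only the first and fourth entries (the legitimate address and its upper-case form, variation 3 in the quiz) are filled; `off.ice.com` is rejected because it belongs to `ice.com`, not `office.com`.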
If you have questions about this, please let us know and we will be happy to assist you.
Take care,