Fraudulent Links in Emails

With the Holiday Season on us, there will be a higher volume of malware emails who’s sole purpose will be to have you run an attachment or click on a link.  The link may look proper, but you need to understand how they work and the method to check where you are truly being redirected to.  The link is what is called “Hyperlink”.  It is a special link that allows you to display a text with an underlying web address.  The link is normally a blue color to identify it is a link to click on to reach the site.  The only problem is, there are no controls to ensure ‘what you see’ is ‘where you go’.  For example.  Take this link – Yahoo -.  You think you will be sent to the Yahoo website.  Give it a try later.  Notice you were sent to Google.  That is because the underlying address associated with this hyperlink was pointing to “”, not “”.

The spammers and malware community use this feature to try and get you to their website.  It may be a website built to look like the true website, but it is there only to try and rob you of your identity or try to insert malware on your computer.  These are also known as “phishing emails”.

YOU MUST REMAIN VIGILANT  – and NEVER click on a link (if possible).  Some emails do require you to click on a link to validate your email for website access, etc…  In these cases, take a minute to access the email.  Are you “EXPECTING” an email with a validate link?  If not, don’t click the link.  Taking a few seconds to “question” the validity of the email can save you hours of grief.

One of the ways to be vigilant is to validate the link.  With a little snooping, you can see where the link will send you.  Move your mouse cursor over the hyperlink.  DON’T CLICK the mouse, just place the mouse cursor over the hyperlink.  The true link will be displayed (either near the cursor or at the bottom left of the browser screen).  Look at the domain of the link (normally the name before the first ‘/’).  If that name does not seem represent the name of the site you are expecting to be directed too, then you know the link is false.

If you still are not sure, and think the email may be necessary, have a knowledgeable IT person look at it for you.