Security Tip: Be Leery of Email Links

Always check email links BEFORE clicking on them.

One of the most common ways to get intrusive files, spyware, adware, worms, or cookies on your computer is by clicking email links. Links that take you to websites you wouldn’t otherwise visit.

spoofed; spoofing; spoofs

Definition of spoof
transitive verb
DECEIVE, HOAX

Merriam Webster

Another concern is identity fraud. The email looks like it is from a trusted source; you click the link and provide the requested information. That information is then in the hands of tricksters you don’t know.

How these nefarious scammers operate is to spoof that the email is from your financial institution or a site you frequent and would assume is legit. The senders of these types of emails are very sneaky, while some are blatantly obvious. What they have in common is they all think you are ignorant.

Always Mouseover the Link First

With these sneaky emails, you will see words to click on, like “Click here…” or even “Login.” Other emails have domain names you trust and recognize — as the visible text. Unless you mouse over those links, you don’t see the underlying domain name or IP number in the email code, so it seems it is a site familiar to you.

These scammers have gotten so good at duplicating the look of credible emails that I mouse over every link before I click on it, even from legit emails — better safe than sorry.

So never just click on links in emails without taking this extra step. Mouse over to see what displays in the underlying code and the site the link would direct you to. You’ll see the underlying website address in your email program or browser’s location bar at the bottom of the screen.

Emails that do this are often a bait-n-switch situation where you see a warm fuzzy domain name to click on while the underlying code takes you to unknown locations. Unfortunately, “unknown” is rarely good online.

Before You Click on Email Links

Also, look at the email address in the From field. Does that match the URL displayed in the link? That email will be another clue as to whether the email is legit. If you see a Gmail, AOL, or different email other than the represented domain, mark it as spam and delete it.

To be safe, never click on a link that is all numbers, no matter how good the offer or noble the cause may seem. A website address that is all numbers is just an IP address and raises a red flag.

Emails only noting IP addresses are not to be trusted. Think about this. Why wouldn’t the sender spend the ten bucks to have a domain name to lend credibility? Because they don’t want to risk being traced, that’s why. And they are not credible.

They have a throw-away hosting account that can be shut down when complaints occur. Same with the email address. Using freebie email addresses for scams is pretty standard practice.

Quick Email Link Tips

Never click on links within an email unless you know the person sending you that email and are 100% confident the link is what it says it is. Be as cautious with forwards from irresponsible forwarders who unknowingly perpetrate scams in their zeal to forward.
Take a moment and check the from field to see if that email address is a throw-away or matches the email links.
Never click on links within an email unless you know the person sending you that email and are 100% confident the link is what it says it is. Be just as cautious with forwards from irresponsible forwarders who unknowingly perpetrate scams in their zeal to forward.
Unless you recognize the link as a reply to a specific request for information (website request, newsletter, ezine, etc.), click with caution.
Do not click on IP numbers in the email.
Do not click on URLs from those you are not absolutely positive are the sites you can trust — even if they say they are.
Always mouse over a link in an email to see if the underlying URL matches the clickable text.