Warning issued over tiny detail hackers use in links to scam you that you probably wouldn’t notice
Topics: Technology
Gregory Robinson
Featured Image Credit: Getty stock image/Facebook
Topics: Technology
Hackers may use a sneaky trick involving URLs you probably would not have noticed, if it wasn’t for this new warning.
Unsuspecting victims can potentially get a virus just from clicking on a link. This is why cybersecurity experts consistently issue warnings about suspicious links and emails.
Email is one of the most common ways attackers use technology to deliver malware, steal personal information, or gain access to systems.
But how do you identify a suspicious URL from a legitimate one?
Advert
Well, it all boils down to a concerning method known as domain spoofing. This is a type of cyberattack in which a malicious party impersonates a legitimate domain to deceive users or systems.
Just like other forms of scamming, it is usually done to trick users into thinking they are clicking on the website of a trusted source in order to steal sensitive information, a process known as phishing. Some scammers may use domain spoofing to distribute malware.
One form of domain spoofing is email domain spoofing, when attackers attempt to forge the ‘from’ address in an email to make it appear like you have received it from a legitimate domain.
However, cybersecurity experts suggest always double checking the sender’s email address to identify any discrepancies.
Does the sender’s email address align with the email address of previous emails? Is the email asking for sensitive information or urgent updates to your account? Chances are that your bank would never do this via email.
As more people become aware about this kind of phishing, another form of domain spoofing is also tricking many, as most people wouldn't even notice the slight difference. Attackers use a domain name (URL) that looks very similar to a legitimate one.
Yep, hackers are using cyrillic alphabet letters (see below) and replacing just one letter, so at a quick glance, the URLs may look completely legit, but don't be fooled.
A warning shared on Facebook put two URLs each for the companies Citibank and Maybank2u side-by-side that look nearly identical, with one was forged by hackers and the other being legitimate.
Upon first glance, the URLs look the same, but the ‘a’ letters are different.
One shocked Facebook user confessed: "I can't see any difference!"
Another person used the warning as an opportunity to remind everyone to 'never click on an email link from anyone. Call your bank to verify'.
When in doubt, hover over links to check the actual URL before clicking.
You should never open attachments or click links in suspicious or unexpected emails. Verify with the sender using another method, such as calling your bank if something seems off, and using security features like spam filters, antivirus software, and email authentication to stay safe.