![[ Plzhow ] Written and illustrated explanations](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0wb8SWgzkXTHmz2gI0D9wCA-XZK1GxFwT6EzfZ4IK3a2FV7eeIugnYcjwxYt4T6XtGc9mp52i63BfQjK94ow8tti1VyCEMMjBbYr8JZDgz8AUdopwlkfUDU1Ln9jQKAOSgf6qXxMNWNo/s1600/ff.png)
URLs used to be a nice and simple way to link
to an online destination without a long and fiddly URL, but in today’s
world of advancing cybercrime they can lead to password and data theft,
even drive-by-download malware attacks. So ask yourself these five
questions before clicking on that shortened link.
Do you trust the person sending/posting the link?
‘Trust’ should be the same online as it is in
the real world, but sadly this is rarely the case. For example, people
will always check the keyhole before opening their front door, and teach
their children about the dangers of walking off with strangers, but
these same people might also open an email, or click on a link, from
someone they’ve never met.
The good news is that, despite phishing remaining
a popular tool for cybercriminals, people are improving at
distinguishing the good emails (and links) from bad, something that has
also been helped by advancing spam filters.
Nonetheless, you still need to be alert, so the
first question to ask yourself is ‘do I trust the person sending or
sharing this link?’ If the link has been sent by a friend or family
member, and on a trusted social media platform or email client, there’s a
good chance it’s OK. If, for whatever reason, you’re unsure, maybe you
could call them to verify that they did indeed send that information.
However, if you don’t recognize the name, the
email account or the content, it is best avoided. You should be
particularly wary of emails that look to catch you out by mentioning
your name in the subject matter, or which claim to be from your bank or
PayPal account.
Do you trust the platform?
Like most of the questions on this list, ‘do
you trust the platform?’ revolves around common sense. For instance,
there’s probably no need to worry if this link has been shared on your
businesses’ Intranet or private WhatsApp group. But if something’s in
your email spam, or on an anonymous Twitter account, that should be
treated with caution.
Pay special attention to Twitter and Facebook
as both social media websites have been hit by copious amounts of spam
before, with some links even directing users to malware-infected
websites. If you’re unsure on the link, and don’t know about the
platform, you should search elsewhere.
Additionally, high profile accounts have been
hacked, so if the surrounding text seems out of character for the
sharer, think twice.
Do you trust the destination?
Look at the link that has been shared. Does it go to a website you recognize, or even like?
If you don’t trust, or don’t know, the
destination you should not click the link. Instead, do your own web
search and visit the website via that route.
Does this link coincide with a major world event?
Cybercriminals are very opportunistic, and
they’ll seize any opportunity to get someone to click that link that
takes them to a bad website. This is especially true around major
events, like natural disasters, Olympics and World Cups – the numbers of
spam emails and tweets simply skyrocket at this time; just take a look
at the emails sent shortly after the MH17 disaster.
So if you see a link, for example on the Nepal
earthquake, have a good hard think about this, in relation to the three
previous questions on the source of the link, where it has been shared
and where the link is taking you to.
Is it a shortened link?
The rise of social media like Twitter, Facebook
and Instagram has seen the rise too of shortened links for convenience.
Most of these are well intentioned but danger can still lurk here.
For example, a cybercriminal can shorten their
nefarious link using Bitly, goo.gl or any other provider, in the hope
that the user blindly trusts that link as from a trusted source. Also,
if they combined this link with an authentic tweet or email, the user
could well be encouraged into thinking that this was a legitimate
message from a legitimate user.
So with shortened links, the advice is clear;
ask yourself the above four questions and if you’re unsure still, use
the likes of LongURL and CheckShortURL, to restore the shortened link to its original length.
EmoticonEmoticon