URLs (Uniform Resource Locator), also known as Web addresses, are the most common tool used by hackers and internet scammers to deliver weapons to their target victims.
If you are confused about what a URL is, here is an example of a URL: www.example.com or https://example.com/exampletext.
Many people have been hacked through URLs. Scammers use it to deliver phishing attacks and malware to their victims. So if you wish to remain safe in cyberspace, you should learn to be careful when clicking on or visiting URLs.
One thing many don’t know is that just clicking or visiting malicious URLs is enough to give away useful information about your device and browser to the scammer that created the link. Sometimes just loading the web address on your browser gives the scammer access to your browser and then your device.
Most online scamming happens through the use of link URLs. That is why this post is important.
Related Post: Web Links-Two Important Things You Should Know
How to Detect Malicious and Scam URLs
1. Through Browser Alerts
One way to detect malicious URLs is through a browser alert. Many browsers today come with a built-in feature that helps in detecting malicious URLs.
Whenever your browser warns you that a web address or URL is malicious or unsafe, it is wise to avoid continuing with the site visit.
Sometimes you receive this warning on the address bar of the browser, which is the location where you type the web address on the browser or on the browser page.
2. Using Browser Redirect
Whenever you visit a URL and the address changes to something other than what you typed in on the address bar or clicked, that shows you are being redirected to another location on the internet.
Redirect is one-way scammers use a genuine-looking website to direct you to a malicious one.
While using the browser, always be mindful of the address bar. Any URL you visit that keeps redirecting you to another address might be malicious, but not in all cases.
3. Using Keywords on URLs
Though it is very difficult to exhaust all the possible keywords scammers can use to create their URL links, it is also very important that you check the words found on the link URL.
If a URL link contains an IP address or @ symbol and words like Ngrok, Serveo, Localtunnell, Grabify, Iplogger, Base64 encoded text like D4fGHjs5gsjkkslR6GHhj=, etc. and you never requested them, avoid clicking them.
Some URLs with such keywords are hosted remotely by scammers, and they are using them to target their victims. They sometimes use them to collect user’s private information. Also, avoid clicking URL links that come as short URLs without expanding them.
4. Through URL Scan
There are many free online tools that can help you scan a web address to know if it is malicious or not before you click it. All you have to do is copy the URLs and paste them into the tool to scan it.
5. By Doing a domain whois lookup for the URL
It is very important to run a Whois lookup on weblink addresses to be sure of the domain owner’s identity, creation date, and location. For instance, if an American company’s website Whois lookup result shows India as the location of the site owner, it is obvious the site might be a scam website, or if the business claims to have been in existence since 2000 and the domain creation date shows 2023, you should tread with caution.
To run a Whois search for a web address or link, visit the Namecheap Whois lookup tool. Then type in the website or the link address in the search box and press the enter key on your keyboard. You can also use the Whois webpage tool for the search, or you can still run the whois command in your computer terminal.
Compare the information you got from the lookup with the original claims on the suspected website.
How To Handle Link URLs to Prevent Falling Victims
The best way to stay safe from scams and malicious links is by avoiding URL clicking, except when you are the one who requested it. What I mean by being the one who requested it is like in the case of an online account reset or creation.
Another way you can handle URLs to remain safe is by typing the main address in the browser yourself. Let’s assume you receive an email stating that your Facebook account is under hacking attempt and that you should click on the URL link that came with the email to rectify the problem. It is advisable that you avoid clicking the link. Instead, you should type the normal Facebook web address in the browser directly or visit your Facebook app yourself to check if it is true.
This is applicable to every transaction you do online. If you know the company’s websites, visit them directly yourself to check things out. Don’t click on a URL link you did not initiate.
The third way you can maintain your safety from malicious links is by avoiding clicking on promotional and grant-related URL links without verification. Whenever you receive a forwarded text message, WhatsApp message, or Facebook chat that a company or government is giving out free money or material online, make sure you don’t follow the link that comes with the message to apply.
Open Google on your own and search for the name of the company or the grant to see if it is truly ongoing. then visit the company’s official website and apply from there. Don’t follow URLs you didn’t solicit for.
Another URL trick many fall victim to is the online voting link scam. If your friend on Facebook or Instagram sends you a link to vote for them in an online competition, avoid following the link they sent to you. Ask them to send you the name of the group where the voting is happening, and search for the group on the platform search box.
Also, never enter your login credentials immediately after following a URL link. Avoid this by all means, except you requested the link.
