Mimecast: What is URL phishing and how to identify it
Phishing URLs direct unsuspecting users to fake websites and steal from them. How to avoid the trap.
URL phishing is a growing threat in which cybercriminals create fake websites to lure victims and obtain sensitive information.
Often, these fake websites look similar to the real ones, and checking for telltale signs can help protect against URL phishing.
Organizations can minimize their risk by training users and adding automated defenses to review emails.
Most of us now know the concept of phishing. The most common example is a scammer impersonating a well-known company and sending a fake email stating, “Your account has been deactivated. Click here to restore it.” Alarmed users then click the link and unwittingly install malware on their computer. URL phishing goes even further: the cybercriminal creates a fake website that is linked in the email. When users click on it, they are taken to a website that looks like the real thing but is up to no good.
How does URL phishing work?
Like most phishing scams, URL phishing is all about tricking the user into action – in this case, accessing a fake website and parting with passwords and sensitive information. The website often prompts the user to reset a password, re-enter personal and credit information to validate an account, or download a “software update” which is actually malware in disguise.
5 Tips for Identifying a Phishing URL
Emails with spoofed URLs often have an urgent tone, causing the target to panic and take immediate action – such as clicking the fraudulent link – before looking carefully at the text and realizing that it is spoofed. URL phishing awareness training always starts with teaching users to pause and scrutinize messages before they act.
By taking these investigative steps before clicking any links, you can thwart the scammers:
- Consider the source: If you receive an email or text message directing you to a website that you already do business with, don’t click the link. Instead, switch to another screen and log into your account directly. If the message was legitimate and, for example, there is a problem with your account, the company will notify you of this either directly on the screen or in a message when you log in. Otherwise, the email was likely phishing. Either way, you can also contact the company’s support directly from the website to be sure. Also be aware that scammers use “angler phishing” social media attacks to hijack legitimate customer service interactions, so pay attention to where your support messages are coming from.
- Spell check the address: Take a close look at the sender’s email address and website URL, even if it looks legitimate. Many types of phishing depend on the “spoofing” of known email addresses and websites. These may look real, but upon closer inspection you will often notice small differences, such as a “.net” address where it should be “.com”. Scammers also write the URL with similar characters, such as the number 0 instead of the letter O.
- Check the URL before clicking: If you hover the mouse pointer over the link or right-click it (depending on your browser), you can often find out more information about the website address, e.g., whether it has a valid security certificate. A lock icon and an “https” address are positive signs that this is a legitimate website. Be careful anyway. Often, email messages obscure the site address by using a button instead of a written-out URL link. Hover over the button and read the URL carefully. If it looks weird, find the site and go directly to it.
- Investigate the website: If you can’t initially identify the website a phishing email asked you to visit, you don’t need to click the link to learn more. Do a quick search for “[name of the website] scam” or search for the email subject line plus the word “scam” and see what results come up. Scammers are numerous – this phishing email is likely to hit a lot of other people along the way, and the word is out.
- Proofread the website: Many phishing websites are clearly bogus if you look at them closely. A website that spoofs a well-known brand’s website often shows its hand when you click past the home page. Pay attention to spelling and sentence syntax. A number of the cybercriminal operations that run these scams are located outside of the United States, and their use of English shows this. When they request a payment, make sure they are using a legitimate payment processor like PayPal or Stripe and not just collecting your account information. And if they are using a known processor, you still need to check the URL. Hover your cursor over the link to see the real destination. If you’re not sure, don’t click the link.
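The address spell-check and link-hover tips above can also be applied automatically when reviewing an HTML email. The following Python sketch is an added example, not Mimecast code; the allowlist, the character-swap table, the sample message and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"example.com", "paypal.com"}  # constructed allowlist (assumption)
SWAPS = str.maketrans("0135", "oles")    # illustrative digit-for-letter swaps

def domain_of(url):  # naive last two labels; use the Public Suffix List in production
    try:
        host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    except ValueError:                   # malformed authority part
        return ""
    return ".".join(host.rstrip(".").split(".")[-2:])

def lookalike_of(dom):  # trusted domain that dom imitates, or None
    name = dom.rpartition(".")[0].translate(SWAPS)
    if dom in TRUSTED or not name:
        return None
    # Same name after undoing swaps: a swapped character or a swapped TLD.
    hits = [g for g in sorted(TRUSTED) if g.rpartition(".")[0].translate(SWAPS) == name]
    return hits[0] if hits else None

class Links(HTMLParser):                 # collects [href, visible text] per <a>
    def __init__(self):
        super().__init__()
        self.found, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self.open = self.open and tag != "a"

def review_links(html):  # (href, reason) pairs for links that deserve a closer look
    parser, findings = Links(), []
    parser.feed(html)
    parser.close()
    for href, text in parser.found:
        dom, text = domain_of(href), text.strip()
        if lookalike_of(dom):
            findings.append((href, "looks like " + lookalike_of(dom)))
        shown = domain_of(text) if len(text.split()) == 1 else ""
        if "." in shown and shown != dom:  # link text names a different site
            findings.append((href, "text shows " + shown))
    return findings

SAMPLE = ('<a href="https://paypa1.com/restore">Click here to restore it</a>'
          '<a href="https://login.example.net/reset">https://www.example.com/reset</a>'
          '<a href="https://www.example.com/help">Help center</a>')  # constructed
```

Calling `review_links(SAMPLE)` flags the first two links and leaves the third, which points at an allowlisted domain, alone.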
Ways to protect yourself against URL phishing
Awareness training is the first line of defense to protect against URL phishing. 85 percent of companies now offer their employees security awareness training to protect their systems from all types of email threats, according to Osterman Research. There are also technology tools to fight fraudsters:
- URL filtering: Automation can scan and block emails with spoofed URLs. Three out of four companies currently use threat intelligence feeds and blocklists to keep phishing email messages off their systems, Osterman reported.
- Artificial intelligence and machine learning: AI tools that check email traffic in real time can be used to block some spam messages that contain fake websites. They detect abnormal traffic patterns in the system and intercept URL phishing before it reaches a user’s inbox.
How to report phishing URLs
When it comes to reporting URL phishing sites, the landscape is fragmented, as many security companies collect, rather than necessarily share, their own data. If you discover a fake URL, the first step is to notify your IT department, who can block it and take corrective action.
The US Cybersecurity and Infrastructure Security Agency is working with the Anti-Phishing Working Group to build a collection of phishing emails and spoofed website addresses. APWG’s eCrime Exchange (eCX) has a threat data repository and a data exchange platform. Report phishing URLs to APWG by sending an email to.
Most web browsers now offer their own protections for users, such as warnings about unsafe websites and warnings to users before they serve a known spoofed site. However, these defenses depend on users reporting fake websites. The IT department at San Francisco State University has created a guide that explains how to report phishing URLs to major browsers.[i] You can access it
The bottom line
Awareness and quick action, with the help of technology, are the best protective measures against URL phishing. Learning how to identify phishing URLs is the critical first step.
Disclaimer of liability
Mimecast Limited published this content on September 24, 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unchanged, on September 24, 2021 6:21:08 PM UTC.