Cyber criminals have been plotting nefarious ways to scam internet-goers for their own gain for years. And hyperlinks in phishing emails and malicious sites have proven to be one of their most effective tools.
Globally, a whopping 40% of emails are spam with one or more of these bad links, and Americans, in particular, receive nearly 14 unsolicited phishing text messages each month.
So, how can we tell this is a phishing attempt with a bad hyperlink? It starts with a hook—seeing "Dear Valued Customer" makes the recipient feel special and urges them to read on. Yet it doesn't use the customer's name the way a legitimate sender would.
Then there's an element of curiosity—the recipient sees that they are entitled to $150 for a couple of shipping mistakes, but there are no immediate details or explanation.
There's also a sense of urgency—the message encourages the recipient to click the link and input their financial information before the end of the day or risk losing the refund.
Finally, there's an unusual number of formatting errors. There are odd spaces between punctuation, an extra zero at the end of the refund amount we don't usually see in everyday transactions, and the word 'account' is misspelled.
Globally, a whopping 40% of emails are spam with one or more of these bad links, and Americans, in particular, receive nearly 14 unsolicited phishing text messages each month.
So, how can we tell this is a phishing attempt with a bad hyperlink? It starts with a hook—seeing "Dear Valued Customer" makes the recipient feel special and urges them to read on. Yet it doesn't use the customer's name the way a legitimate sender would.
Then there's an element of curiosity—the recipient sees that they are entitled to $150 for a couple of shipping mistakes, but there are no immediate details or explanation.
There's also a sense of urgency—the message encourages the recipient to click the link and input their financial information before the end of the day or risk losing the refund.
Finally, there's an unusual number of formatting errors. There are odd spaces between punctuation, an extra zero at the end of the refund amount we don't usually see in everyday transactions, and the word 'account' is misspelled.
What Different Kinds of Phishing Scams Are There?
Though the goal of getting you to click on a 'scammy' URL or gateway is always the same, scams that use hyperlinks come in various types.
You might get notifications about a recent payment, account deactivation, unpaid invoices, or tech support. And beware of the 'giveaway winner' email or text message that invites you to click on a link to receive your reward.
In every case, the phishing link will take you to a lookalike website that mimics an official organization attempting to steal your information or download malware.
Email phishing is one of the most common delivery methods for these harmful links that can take the shape of highlighted text, a button, or even an image. All have been configured to link to a malicious file or site.
is a more recent form of hyperlink phishing, in which a deceptive text message is sent to the recipient with an urgent request that involves clicking on a bogus link. Why do they call it Smishing? Because texts are also referred to as Short Message Service, or SMS.
Spear phishing is a more targeted email or text approach that uses plausibly accurate information about the victim to manipulate them further. And whaling is spear phishing aimed at a high-priority target, typically carried out against CEOs, business owners, and other essential personnel.
How Can I Avoid the Pitfalls of Hyperlinks?
If you're a small business owner who uses email or SMS messaging daily, you will inevitably be exposed to phishing hyperlinks. But with this knowledge, you can stop yourself from clicking on them.
Be cautious if you receive an email or text message with a hyperlink from an unknown sender. Always verify the legitimacy of the sender before clicking on anything. Official-looking emails or hyperlinks with less-than-official domain names are also a red flag. Check the spelling of the hyperlink's domain name, the suffix, and the domain name in the sender's email address.
Even if everything checks out in the grammar department, you can do one better by "hovering" your cursor over the link to show where it will direct you. If the two don't match up, don't click it.
And finally, disregard emails or SMS messages that refer to things you've never ordered, subscribed to, or requested. If it sounds strangely unfamiliar, a malicious hyperlink is usually nearby.
