Over the last few weeks, I have noticed an increasing number of very suspicious looking links blocked by our “DNS firewall” – links like “xwhdg.read-this-hot-stuff.today”.
The suspicion is that people are being sent emails with links within and they are clicking on the links for further information rather than checking the link first and refusing to follow the link because the destination looks suspicious.
Check the link you are about to click on! And if it looks suspicious, don’t click on it.
When your mouse “hovers” over a link, the status bar at the bottom of your browser (Firefox and Chrome at least) will show the address it will take you too :-
It is not as conveniently obvious as a pop-up display of the link you are about to click on, but it does make it possible to check links in (for example) emails.
As to what makes a web address suspicious, that’s more of an art than a science but some indications :-
- If it includes nonsense strings of letters (such as “xwhdg”).
- Anything embedded within the string of labels which tries to hurry you up (“click-now”) or encourage you (“read-this-hot-stuff”).
- Any domain that ends with a word (“.today”) rather than the old country specific domains (“.co.uk”) or organisation types (“.com”, “.org”, or “.net”) probably gets a ½ point towards suspicious.