Brief Summary
This video explains how to check if a link is safe before clicking it, to avoid scams and phishing attempts. It covers how links work, how to reveal their true destination using hovering and copy-pasting, and what to look for to identify suspicious links. The video also discusses URL shorteners and legitimate reasons why a link's destination might not match the displayed text.
- Links have a visible part and a hidden URL.
- Hovering over a link or copy-pasting it reveals the true destination.
- URL shorteners and tracking services can cause mismatches between displayed text and destination.
- Suspicious signs include misdirection, IP addresses, and foreign domains.
Hover Over a Link to Check It’s Not a Scam
The video introduces the topic of checking URLs or links to verify their true source before clicking, to avoid potential scams. It addresses the question of how to reveal the true destination of a link and emphasizes the importance of examining links in both emails and web pages to ensure they lead to the expected location. The presenter assures viewers that while there are ways to hide a link's true destination, the most common methods are easy to detect.
What is a link?
A link consists of two parts: the visible text and the hidden URL. The visible text is what users see and click on, while the hidden URL is the actual destination the link leads to. For example, a link displaying "Ask Leo!" might direct to "https://askleo.com". This hidden URL is encoded in HTML, using tags and attributes to specify the destination.
HTML code
Links are encoded in HTML using an "A" tag with an "Href" attribute that specifies the URL. The HTML code includes the URL of the destination, along with the text that is displayed to the user. Browsers only show the display text, while the "Href" attribute contains the actual URL that the browser will navigate to when the link is clicked. Hackers can manipulate the "Href" attribute to redirect users to malicious sites, even if the displayed text appears legitimate.
Hovering over a link
Hovering the mouse pointer over a link typically reveals the actual URL in the lower left-hand corner of the browser window. This allows users to see the true destination of the link before clicking it. The location of the displayed URL may vary depending on the browser, sometimes appearing as a tooltip near the mouse pointer. On mobile devices, a long press on the link usually displays the destination URL.
Email programs
Most email programs function similarly to web browsers in that they display the destination of a link when you hover over it. On mobile devices, a long press on the link will reveal its destination. This feature helps users verify the safety and legitimacy of links in emails before clicking them.
Use copy-paste
An alternative method to check a link's destination is to copy and paste it. Right-clicking on the link and selecting "copy link" copies the destination URL to the clipboard. This URL can then be pasted into the address bar of a browser or a text editor like Notepad to view the full URL without navigating to the site. This method is useful for verifying the link's destination and for saving the link for later use.
What if it doesn't match?
A mismatch between the displayed link text and the actual URL does not always indicate a scam. Sometimes, legitimate services like URL shorteners or tracking services cause these discrepancies. For example, a link might redirect through a URL shortening service like bit.ly or the presenter's own go.askleo.com before arriving at the final destination.
URL shorteners
URL shorteners, such as bit.ly or TinyURL, create shorter, more manageable URLs from longer ones. These services, along with third-party services, are used for various reasons, including tracking clicks, adding affiliate codes, and monitoring who clicks on specific links, especially in email newsletters. While these redirections can cause the displayed link to differ from the actual destination, they are often benign and used for legitimate purposes.
So how do I know what’s legitimate?
Determining the legitimacy of a link isn't always straightforward, but some signs can raise suspicion. If the displayed text looks like a URL, the destination should generally match. Links leading to IP addresses or foreign domains (like .ru or .cn) should be treated with caution, especially if unexpected. These signs don't automatically mean a link is a scam, but they warrant closer inspection before clicking. The key is to "look before you click" by hovering over the link or copying and pasting it to confirm it leads to the expected destination.
