Cybercriminals are now using obfuscated links to steal information by hiding IP addresses instead of URLs, making it difficult for users to verify the legitimacy of links sent in urgent emails.
Recently, researchers at Avanan have discovered another technique that cybercriminals use to try to steal your information. In this technique, cybercriminals are using obfuscated links to show IP addresses instead of websites. Obfuscated links are URLs that have been modified to hide the real location of a website.
In this scam, cybercriminals send an urgent email that appears to come from a legitimate source and prompts you to click on a link. The link seems legitimate, but hovering over it shows an IP address instead of a URL. Without a URL, it’s nearly impossible to verify if the link is legitimate. If you open the link in your browser, cybercriminals can download malware onto your device or redirect you to a malicious website.
Follow the tips below to stay safe from similar scams:
- When you receive an email, stop and look for red flags. For example, watch out for emails with different reply-to and sender addresses.
- Before you click a link, hover your cursor over it. If it shows an IP address, it could be a phishing link.
- Be cautious of urgent requests. Cyberattacks are designed to catch you off guard and trigger you to click links impulsively.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.