Don't Click That Link: Tools to Help You Avoid Scams

June 2021

I was recently invited to answer a question on the Quora website that simply asked whether a particular website was a good guide for learning meditation. But the link given in the question was a bit.ly link.

I was suspicious.

Bit.ly is a service I sometimes use in this column to shorten long links so you can easily enter them into your browser. The link then redirects to the original web page.

I knew that if I clicked the bit.ly link in the question, I could end up at a malicious site that would install malware on my computer.

So I used CheckShortURL (checkshorturl.com). It expands a shortened link so you can see the actual link and gives information about the website. In this case, the destination link was thegeniescript.com.

CheckShortURL shows an image of the page and gives links to well known security sites to check to see if it's safe. Clicking on Web of Trust told me they don't consider thegeniescript.com safe.

You can use Web of Trust to check any link by going to www.mywot.com/website-safety-check. Other good sites to check safety are Norton's Safe web safeweb.norton.com and Google's Safe Browsing (transparencyreport.google.com/safe-browsing/search).

Often when you see a questionable link you need not even use one of these sites, since closely examining the link will reveal that it's a scam. For example, a scam text message going around alerts a person that a FedEx driver attempted to deliver a package and that it's now necessary to reschedule delivery. It then says "Please confirm your details here: bdpv5g.com/ITfD." If it's not FedEx.com, it's not likely from FedEx.

The same is true of scam emails. Look closely at the sender. For example, a recent scam email purportedly from PayPal informed the recipient their account was billed $249 for antivirus software and to call 1-844-683-3119 if they have questions. The sender, though, wasn't PayPal. Rather, it was secure@paypal-Online3-e1.co.us. Anything from PayPal would come from paypal.com. Calling the number would link you up with a scammer who would likely try to elicit your PayPal login.

Also, if you question whether a phone number is from a legitimate caller, you can simply search for the number in Google. Searching this particular number brings up a website with this summary text in Google's search results: "You sparkle with illuminated blue background. Anthropology and educational camp this summer. Priapuloidea Cereal is good exercise." Does that sound like PayPal?

Of course, most of the time when you encounter a questionable link, you are unable to see the actual domain name. The text may say PayPal but the underlying link could be a malicious website. You probably know you can hover your cursor over any link to see the underlying URL. Also, on my iPad I found that if I tap and hold a link, it will show me the underlying URL.

Even as I was writing this, I received an email ostensibly from my university's IT Help Desk saying my email password was expiring and that I had to confirm it within the next 8 hours. The sender looked legit: ithelpdesk@miu.edu. But hovering the cursor over the "Keep Same Password" link pointed to amplifyapp.com. Scam, of course.

I used the ICANN Lookup site (lookup.icann.org) and saw that this domain was registered by Amazon Technolgies, Inc., located in Nevada. According to Scamalytics (scamalytics.com), "web traffic from this ISP poses a high risk of being fraudulent."

Another common situation is to receive an email from someone you know, but seems fishy. A few years ago I received an email from a faculty colleague that read something like "See the information in the attachment." Since I would often write up news reports about faculty achievements, it was conceivable that he was sending me relevant information. But I had my doubts.

I replied to the email, saying, "Dale, is this really from you?" I got a reply, "Yes, it is." Still I held off. A week later I emailed him again, asking if he'd sent me an attachment. He replied, "Don't click on that attachment! Someone broke into my account." (The scammer himself that had replied to my first email.)

If you're wary that an attachment you've received might install malware on your computer, rather than clicking on it you can instead upload it to a website that checks attachments for malware. Sites offering this service include Virus Total (www.virustotal.com/gui/home/upload). You can even simply forward the email to scan@virustotal.com. Another good one is Metadefender Cloud (metadefender.opswat.com), which not only will check files but also URLs, domain names, IP addresses, and more.

By now you're probably savvy about these sorts of situations. But if you have doubts whether something is legitimate, these tools should help you stay safe.

© 2021 by Jim Karpen, Ph.D.

E-mail Jim Karpen