Security Awareness – A New Trick to an Old Game: URL Phishing

We often train users about email-based phishing and common signs of an impersonated or fraudulent email address. And while we also extend caution about malicious URLs contained in those phishing emails, we spend less time educating on the signs of an impersonated, doppelganger, look-alike, or homographic domain – also known as URL phishing.

URL phishing, like other forms of phishing, involves deceiving a user into taking action by clicking on a malicious link which takes them to a convincing, but fake website prompting the victim to enter sensitive information. Despite the malevolence, there are easy steps to mitigate against URL phishing scams, which include: considering the source of the email, spellchecking the address, vetting the URL before you click, investigating the website, and proofreading the site. Additionally, there are some software for email security that can automatically filter out fake URLs sent to an account. In sum, understanding the telltale signs of phishing scams and quick action are two significant protective actions you can take to defend yourself from future attacks. Read more at Mimecast.