![\"\"](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/website-backlinks.png\")
There\u2019s nothing that can set off a feeling of unease in a person more than wondering whether the link you just clicked on a website or in an email is going to load malware onto your Mac or direct you to a malicious page. In today\u2019s tech tip, we\u2019ll show you some ways to check those links that are making you feel queasy without clicking on them.<\/p>\n
Why Can\u2019t I Just Click On Every Link I See On Websites or in Emails?<\/b>
\nYou can, but you\u2019re taking a risk doing so. First, let\u2019s say you get an email that appears to be from your bank, asking you to log in and verify some account information. Don\u2019t do it!<\/p>\n
This is most likely a phishing<\/b> attack, where a malicious party is attempting to direct you to a website that very often looks nearly identical to the one you wanted to visit. You log in\u2026and that party now has your user ID and password, and in many cases can just log in and clear out your accounts. In other cases, you may be directed to a site where malware will be installed surreptitiously on your Mac without you knowing.<\/p>\n
Think before you click, unless you\u2019re absolutely sure that you\u2019re on a safe site. What are some warning signs of malware or phishing links that you should look for?<\/p>\n
Watch Out For Shortened Links<\/b> How can you tell where a shortened link is trying to point you? There are two handy ways: First, use a link expansion service like CheckShortURL.com<\/a>. Paste in the short URL and it will display a page of information about the destination (see screenshot below). There are even a set of links that will further check if your link is safe.<\/p>\n Beware of Phishing Emails<\/b> The emails will usually warn you of dire consequences if you do not respond to the email by logging into the service. In this case, it\u2019s Stripe, which I use to receive payments for my business, and they\u2019re trying to get my attention by telling me that I\u2019m about to get a payment of $4600 and should check it out.<\/p>\n This is actually a pretty well-done phishing attack since a) I do have a Stripe account, b) it\u2019s not full of the grammatical and spelling error usually found in phishing emails, and c) it was a nicely done HTML email with a border, the Stripe logo, and even the correct address for Stripe. It set off the alarms in my brain because I never<\/i> get payments that large through Stripe.<\/p>\n Fortunately there are a few ways to check out phishing emails without clicking any of the links contained in them. It\u2019s possible to check the source of the email in macOS by hovering your cursor over the From address, then clicking the disclosure triangle ( \u02c7 ) that appears next to it. The screenshot below shows that the email address this was sent from was \u201cstrp33@sealcoatingandmore.com<\/a>\u201d, not an address at stripe.com<\/a>.<\/p>\n That same disclosure triangle appears in other places when the cursor is placed above a link. For example, I hovered my cursor above the payment amount \u2014 which is a link \u2014 and clicked the disclosure triangle to show a preview of the web page (see screenshot below). Sure enough, it looks just like the Stripe login page, but it shows an \u201chippls.com\u201d domain name at the top (outlined in red). That\u2019s my second indication that this isn\u2019t a valid email.<\/p>\n The disclosure triangle in macOS works well on the \u201cView in Stripe Dashboard\u201d link, too. Just hovering over the address shows a link to a \u201c1stripe.com<\/a>\u201d domain, which is close, but still bogus\u2026 (see screenshot below)<\/p>\n Many browsers including Safari also display a warning if a site is dangerous. For example, a click on the \u201csupport website\u201d link displays a bright red web page in Safari with the following message (see screenshot below):<\/p>\n All of these methods are for macOS, but what about iOS? Fortunately, you can do similar things to check out a potential phishing email on your iPhone or iPad.<\/p>\n For example, tapping on the From address (\u201cStripe Support\u201d) in the phishing email used as an example here brings up a Contact sheet, which promptly shows the fake email address (see screenshot below):<\/p>\n Tapping and holding on any of the links in the email displays a menu of possible ways to process the link (see screenshot below), but the most important thing to note is the link address shown at the top of the menu (outlined in red). Once again, this is the faux \u201c1stripe.com<\/a>\u201d website, not the real Stripe website.<\/p>\n Set Up Two-Factor Authentication<\/b> If the hackers don\u2019t have your iPhone or Mac at hand, there\u2019s no way they\u2019re going to be able to receive that code and enter it into the website. This is the beauty of two-factor authentication – even if they have been successful in getting your user name and password, there\u2019s no way they can log into the site.<\/p>\n Watch For Strange Characters in Links<\/b> Long story short? Watch out for long URLs full of \u201c%\u201d symbols and avoid them at all cost.<\/p>\n Check a Suspicious URL with a Link Scanner<\/strong> If the site shows up as “unknown”, with a “red” rating, or with a response of “URL is not valid”, you know you’ve got a live one.<\/p>\n Use Antimalware Software That Has Real-Time or Active Scanning Available<\/strong> Stay safe out there, please! Be sure not to click on any links in emails or on websites unless you’re absolutely certain they’re from a reliable source. Watch for misspellings and bad grammar on linked web pages and in emails, and set up two-level authentication when you want an extra level of safety.<\/p>\n","protected":false},"excerpt":{"rendered":" There\u2019s nothing that can set off a feeling of unease in a person more than wondering whether the link you just clicked on a website or in an email is going to load malware onto your Mac or direct you to a malicious page. In today\u2019s tech tip, we\u2019ll show you some ways to check those […]<\/p>\n","protected":false},"author":81,"featured_media":42727,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"spay_email":"","footnotes":""},"categories":[4],"class_list":["post-42718","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-tips"],"yoast_head":"\n
\nIf you\u2019ve been around the Internet for any length of time, you\u2019re familiar with link shortening services like Bitly and TinyUrl. They take a long web address like \u201chttps:\/\/eshop.macsales.com\/blog\/42686-a-complete-guide-to-universal-clipboard-in-macos-high-sierra<\/a>\u201d and shorten it to something like \u201chttp:\/\/bit.ly\/2zTnIoT<\/a>\u201d. This used to be quite handy in the days when every character in a web address counted against the 140-character limit on Twitter, and now it\u2019s a favorite of hackers since that \u201cbit.ly<\/a>\u201d domain name can mask a malicious URL that\u2019s masquerading as the site of a financial institution.<\/p>\n
\nGetting an unsolicited email from your bank or another financial institution that\u2019s asking you to verify information should set off warning bells in your head, as it\u2019s probably a phishing attack. Oddly enough, I received a phishing email yesterday (see screenshot below) that\u2019s perfect for demonstrating the elements of a phishing attack:<\/p>\n![\"\"](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/Screenshot-0258.png\")
![\"This](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/Screenshot-0253.png\")
![\"The](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/Screenshot-0255.png\")
![\"1Stripe.com](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/Screenshot-0256.png\")
![\"Warning!](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/Screenshot-0257.png\")
![\"Stripe](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/IMG_2426.jpg\")
![\"Two](\"https:\/\/eshop.macsales.com\/blog\/wp-content\/uploads\/2017\/10\/IMG_2427.jpg\")
\nEven if you fall prey to a phishing attack like this one, there\u2019s a way to ensure that the bad guys aren\u2019t going to get into your account: set up two-factor authentication at your financial institutions. This usually works by sending an authentication code to something only you have \u2014 an email address or an iPhone \u2014 that you then enter into a field on the website for verification.<\/p>\n
\nHackers and malware distributors often try to conceal the destination of their malicious websites by using URL encoding. In URL encoding, the letters and symbols that make up the website name are encoded as a percent sign ( % ) followed by a number. For example, MacSales.com might be encoded as %6D%61%63%73%61%6C%65%73%2E%63%6F%6D (an encoding table can be found here<\/a>).<\/p>\n
\nFinally, there are ways to test those web addresses that may look “OK”, but are still making you feel uneasy. Enter the web address into a known link scanner and see if it’s a valid address. Three sites that work well are Norton SafeWeb<\/a>, URLVoid<\/a>, and ScanURL<\/a>. Enter an address into one of these sites, and they will provide a rating or response.<\/p>\n
\nLet’s say you accidentally click a link that sends you to a site that’s set up to unload some malware onto your Mac. If you’re running antimalware and\/or antivirus software on your Mac, make sure that it has a “real-time” or “active” scanning option and that it’s turned on. This will protect you from malware that may try to load itself onto your Mac if you hit one of these bad sites. Of course, you should make sure that your antimalware\/antivirus software is updated frequently with virus definitions and engine updates.<\/p>\n
\n