Top 10 Most Common Rogue URL Tricks
Almost every internet scam or phishing email involves some form of a malicious Uniform Resource Locator (URL) link. The goal in using them is to execute malicious instructions in the user’s browser. In this post, we’ll look at 10 common URL tricks.
- Look-a-Like Domains – One of the most common tricks. The phisher uses a look-a-like domain containing the name of a well-known brand to win a victim’s trust. When it is clicked it sends the user to a malicious domain.
- Encoding URL Characters – URLs can be encoded using different methods. The most common is known as percent escaping. The hacker replaces each ASCII character with its hexadecimal counterpart followed by a % sign.
- Mismatched Domain Names – In this instance, a phisher sends an email appearing to be from a well-known brand, that contains several domain names, none of which is related to the real business or website.
- Shortened URLs – Hackers will often use a URL-shortening service to convert malicious URLs into innocuous shorter ones.
- Homographic Attacks – This type of attack uses language characters that look like another language to create new domains. For example, Unicode Latin A and Cyrillic A may look the same in a browser.
- Unusually Long URLs – Sometimes a scammer will use an overly long URL with hundreds of random characters to overflow the screen when a user hovers over the link.
- Cross-Site Scripting – In a cross-site scripting attack, HTML code that is meant to be displayed or executed on a server is manipulated into executing code on the client instead.
- Malicious Redirection – Some innocent websites can contain coding allowing their URL to be misused by scammers who use it to redirect a user to another malicious location.
- Fake 404 Pages – When a website page is missing, the visitor will get a 404 error message. Hackers can break into an innocent website and alter the 404 messages to redirect to a malicious website.
- Fake File Attachment Images – This is a new approach. Hackers use fake file attachments which are really images with links to a malicious website.
Every organization wants to prevent bad things from happening to its website or network. The first step is to be aware of the methods bad actors use so you can better protect yourself. To protect your business you need a policy, technical controls and to educate your team to recognize the warning signs.
About Atlantic, Tomorrow’s Office
Atlantic is an award-winning office technology and IT solutions company providing Imaging Products, IT Support, Document Management, Cybersecurity and Managed Services to small and large companies in the New York City metropolitan area, and the Greater Philadelphia and Delaware Valley.
For the latest industry trends and technology insights visit ATO’s main Blog page.