Reputable firms such as eBay and PayPal have been besieged by email scammers attempting to pilfer valuable credit card details from unsuspecting customers. These emails often are quite well-done and look very authentic. However, a seasoned eye can quickly ferret out the truth. Those less savvy may want to follow a simple bit of advice: never follow a link in email unless you absolutely trust the sender. If you'd like to move from unsavvy to seasoned, here's how to ferret out malformed link scams.
Understanding HTML links
HTML is the programming language that tells a browser how to render a web page. You can use HTML in email and many people do. However, doing so makes it very easy for links in email to appear to point to one site, when in fact they point to another.
Links in HTML are created by a special tag. There are two components to the tag, the real link (i.e. the target) and the displayed text for that link. For example, if I wanted to create a link to the homepage for this website, I would add the following to the HTML code:
which would then be displayed as Antivirus.About.com. In other words, the target link, http://antivirus.about.com, does not appear. Instead what is rendered is the display link information provided: Antivirus.About.com.
Miscreants exploit this by providing bogus display text - they display what appears to be a link to a legitimate site, when all the while, they are pointing at something different. Let's use this site's homepage as an example:
If you've followed me so far, you'll quickly realize that what would be displayed is http://www.ebay.com but the actual target is http://antivirus.about.com. Thus if you clicked the link, you would not go to the displayed ebay.com address, but instead would be directed to the antivirus.about.com target. In other words, with links in email (and on web pages) what you see is not always what you get.
Next page: Ferreting out a fake > 1 | 2 | 3 | 4