Our Wired World

Safe Surfing: How To Spot A Suspicious Embedded Link

Be careful what you click

A public service provided by the Better Business Bureau Serving Eastern MA, ME, RI & VT.

October 16, 2019 — BBB Serving E. MA, ME, RI & VT – Chances are, you found this article by clicking a link. We constantly click links to bounce around the web, since it’s an easy way to get from one page to another for learning, subscribing, purchasing, or just visiting websites.

It’s also the common method for cybercriminals to take advantage of you.

Embedded links are links contained in text or an image that lead to somewhere else on the web when clicked. Most of the time, these embedded links are completely safe. For example, this BBB link is embedded with a URL that will take you to BBB’s website.

But sometimes they’re not. Scammers with more malicious intent hope that you’ll click an embedded link typically in an unsolicited email or message that will take you to a phony website. Here they can try a variety of phishing tactics to exploit you, like collecting personal information you provide on the site or luring you into downloading malware.

What is Phishing?

Phishing is the fraudulent practice of reaching out to people online via email or messaging (usually pretending to be someone else) and and luring them into downloading a file or clicking on an embedded link. BBB conducted a study of phishing scams where cyber criminals would send emails to employees pretending to be their bosses.

What is Malware?

Malware is any sort of software specifically designed to disrupt, damage, gain access to a computer system. Different kinds of malware include adware, ransomware, and spyware, which monitors and collects your online activity. Many times, malware is spread through phishing emails where victims click on an embedded link that directs them to an attachment containing malware.

These embedded links are often sent in emails, but can also target people in direct messages or even social media messages. A recent Facebook scam involved sending an embedded link through Facebook Messenger that takes you to a scam website.

There are also ways to test a link without clicking it. If you hover your mouse over the link, often times the URL is shown and you can see if it’s what you were expecting and if it’s secure beginning with HTTPS...

How do you know if a link isn’t safe?
Here are the red flags to look for when someone is trying to get you to click a link:

  • Links contained in unsolicited messages
  • Links in messages that are urgent, misspelled, or asking for money or personal information
  • The embedded URL is different than the link shown

There are also ways to test a link without clicking it. If you hover your mouse over the link, often times the URL is shown and you can see if it’s what you were expecting and if it’s secure beginning with HTTPS (Hypertext Transfer Protocol Secure).

If you receive a message that seems odd and is from someone you know, reach out to that person directly instead of clicking an unknown link.

If you do click an embedded link that leads to a website about which you are unsure, don’t share personal information or download anything. Leave the website and run a security scan with your antivirus program. Consult a professional if you’re not sure how to do this.

If you spot an illegal scheme or fraud, help warn others by reporting it on BBB Scam Tracker today.

For more tips on avoiding scams, check out BBB’s 10 Steps to Avoid Scams.