Fri Jul 2nd, 2021
Tags: checking links, Cyber Security, domain names, dropbox, google drive, KnowBe4, notifications, official websites, Security awareness training, Security Team, subdomains, suspicious emails, URLs
If you’ve taken security awareness training, you have probably been taught to hover your cursor over a link to view the destination URL. Checking the URL for things like misspellings, unofficial domain names, and sneaky subdomains is a great way to protect yourself against phishing links. But the URL could appear legitimate and still lead you to something malicious. Cybercriminals can use hijacked websites, websites that appear safe, or services like Dropbox or Google Drive to spread their phishing attacks.
While you should definitely make a habit of checking links before clicking on them, it is important to know the other red flags to look for in a suspicious email. Try examining the email by asking yourself some of the following questions:
If you still struggle to determine the legitimacy of an email, try looking outside of your inbox. For example, if you receive a notification email from a service you use, open your browser and navigate to the official website. Then, log in to your account to verify the legitimacy of the notification email. Or, if you are contacted by an individual, call the sender to confirm that the email really came from that person.