Flights to Bermuda for $50 might sound like a great deal, but it’s not if in return your bank account gets hacked and your identity is stolen. Hackers know how to play with your emotions and how to create lookalike platforms, which trick you into giving out your sensitive information. Fortunately, there are ways to recognize such scams. Read on!
Jan 02, 2021 · 3 min read
A spoofed URL is a fraudulent link that is masked to look like a legitimate source in order to steal your data. Sometimes, just clicking on a spoofed URL is enough to infect your device with malware. Other times, the website will be designed to look identical to one you trust.
This way you won’t question it when asked to enter sensitive information such as your email, password or your home address. However, your data will be sent directly to the hacker instead, who can then use it to steal your money or identity.
Spoofed websites wouldn’t work without any traffic. That’s why they are usually distributed via phishing attacks. A link to the spoofed website is embedded in an email or a text message and then sent to thousands of people. The scams use bait to get you hooked, like an irresistible discount. All you have to do is click on the link.
Hackers have found many ways to create spoofed URLs and use them in malicious attacks. Let’s have a look at the 4 most common types of URL spoofing:
The oldest trick in the hacker’s book is to send a phishing email pretending to be a trusted source and hyperlinking malicious link to buttons or words. Lazy hackers still do it these days. Thankfully it’s quite easy to spot it. Simply hover over hyperlinked words or right click on it to see the URL.
You might receive an email from your favorite airline offering you cheap flights. All you need to do is click on the green button saying ‘Book Now.’ However, once you click on it, it will take you to a malicious website which will almost instantly install Trojan or another virus onto your device.
People tend to skim read messages, which means that hackers can send phishing emails with links designed to look just like trusted ones. It’s enough for hackers to change only one character to register a new domain!
Imagine receiving an email from Netflix, for example, asking you to confirm your payment details. When you hover over the link, you see a URL very similar to Netflix.com, but it’s actually ‘netfliix.com’ or ‘n3tflix.com’ (only hypothetical examples). If you just skim your message, you will most likely miss that little difference and click on the link.
Another common way to spoof URLs is by using URL shorteners like bit.ly and the likes. Some social media platforms limit characters per post (or for text messaging), so short links are a great solution.
However, they also make it easier for scammers to hide malicious links. It’s almost impossible to tell where this shortened URL is going to take you until you click on it.
The use of new scripts to register domains has created even more opportunities for hackers to steal your information. Now they can use non-latin characters to create homographic URLs. This means that spoofed URLs can now use letters with accents, glyphs, diacritics, and more. For example, nordvpn.com could become ņordvpn.com.
Some letters might look just like their Latin counterparts despite coming from a different alphabet. The internet will recognize them as entirely different characters and will allow hackers to register a new domain. These URLs are especially challenging to detect.
Want to read more like this?
Get the latest news and tips from NordVPN