Versions Compared

Old Version 17

changes.mady.by.user Unknown User (arichard)

Saved on

compared with

New Version 18

changes.mady.by.user Unknown User (arichard)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added faq about tiny links

...

Expand
titleWhat is the domain name? Why should I be concerned about domain names?

domain name is the name of a website.  For example, uwf.edu is a domain name.

It's very difficult for scammers to create fake websites with https://uwf.edu as the domain name.  But scammers can create websites that have URLs similar to the official address.  Users must pay close attention:

  • (tick)  https://uwf.edu/helpdesk (many UWF websites will have uwf.edu/ at the beginning of the URL)
  • (tick)  https://learnmore.uwf.edu/ (this URL has uwf.edu/ nearly at the beginning, but this URL is still valid because a period separates learnmore and uwf)
  • (error)  https://learnmore-uwf.edu/ (even though uwf.edu/ comes nearly at the beginning, this URL isn't valid because a hyphen separates learnmore and uwf, not a period)
  • (error)  https://university_west_florida.com/ (this URL doesn't have uwf.edu/)
  • (error)  https://financial-forms.com/uwf.edu/forms (this URL goes to financial-forms.com/)
  • (error)  https://uwf.edu.free_money.com/ (this URL actually goes to free_money.com/)


Expand
titleCheck the Address BarDid the address (or URL) in the address bar change?

By checking the address bar, you can verify that the site you accessed did not "redirect" you to a different site. Some attackers will use a "redirect" method to gather data. When redirected, you may click or access a link for a known site and may be sent to another. For example, accessing Amazon should bring you to a website with the web address of "amazon.com." If the address bar shows a different website, the website may not be legitimate. Please see the FAQ for further information about web addresses.

...

Expand
titleIs the web address (or URL) correct?

Many scammer realize that users accidentally mistype URLs.  For example, some users will type gmial.com when trying to access Gmail.  Scammers could then simply purchase the gmial.com domain for their website, and imitate Gmail's login screen.  So when people go to gmial.com, see something that looks like Gmail, and provide their login credentials, now the scammers have compromised these users Gmail accounts.

Simply put, always ensure that the URLs you visit are accurate.

Also note you can hover over links on webpages and emails to see what their actual URLs are.  See screenshot below for an example.


Expand
titleDid you click a short link instead of a longer link?

Users may choose to shorten their links, so that they could fit those links in a 240-character Twitter post.  But in most other instances, tiny links should be avoided, as character limits are usually not an issue, and you won't know where that tiny link leads until after you click it.

Please note one major exception – tiny links to Confluence pages.  This is an exception because users can tell where the link comes from; a tiny link from Confluence still begins with confluence.uwf.edu.  But with most other tiny links, users can't tell where the original link came from (e.g., https://bit.ly/32uPBBt ← this link is safe).


Expand
titleIs there contact info listed for the company who owns the website?Contact the Company

Check the website itself before conducting business with the website. Usually, at bottom of a website, there is an option called "Contact Us." If you do not trust a website, contact the company using the contact information listed. If you do not receive a response (or you notice the phone number is out of service), the site may not be legitimate.


Expand
titleDoes the Content content of the Website Look Appropriatewebsite look appropriate?

Legitimate businesses try to keep their websites professional in appearance and behavior. Check the website for things such as spelling errors, major grammatical errors, or readability ("Does the text make sense?"). Sites with these sorts of errors may not be legitimate. Trust your instincts. If the page does not look right, it may not be.


Expand
titleHave People Reported the Websiteother people reported the website as malicious?

A common method of investigating the legitimacy of a site is to use a major search engine (such as Google). Feel free to refer to VirusTotal's tool to check for possible vulnerabilities (use the "URL" tab to scan the site).


Expand
titleDoes Your Browser Prompt You With an Erroryour browser prompt you with an error message?

When trying to connect to an illegitimate website, your web browser may prompt you with an error message. If you receive a message like the one below, the website may not be legitimate.

Your connection is not private

...