Phishing II – Reading The URL
Most of us come from a western culture where reading is performed left to right. It’s natural, therefore, to read a web site URL from left to right to understand where the link is from. The DNS system, which controls how and where data between browser -> internet -> server is routed, works the other way: from right to left. Many phishers and email scammers have used this to their advantage.
For example, take this condensed link from a recent spam email – one of dozens I get each day.
http://www.mybank.alliance-leicester.co.uk.idsrvtd.com/customerforms/server10a/form.asp/index....
Notice how the link reads naturally from left to right to show the probable ‘real’ online banking URL of mybank.alliance-leicester.co.uk. Our brains are conditioned to make meaning out of labels, and once the familiar pattern is recognised it’s easy to ignore the rest of the URL. But this is where the REAL URL is contained. This is the idsrvtd.com domain, which links to a server in Romania – most phishing now comes from China or Eastern Europe. Beats working eh? Just phish the gullible Brits!
To read a URL, look for the first / after the http:// and then work from right to left from there. This will show the TLD, e.g. .com, .cn, .co.uk, and then the domain, e.g. ‘anyname’. The rest is a subdomain, which the owner of that domain can name anything they like; it is an internal server redirect only and has no other meaning for the end user. Take this on board when hovering over URL links and reading long URLs.
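The right-to-left reading described above can be automated. The following is an added example, not part of the original post: the function names and the tiny `SUFFIXES` table are assumptions made for illustration, and real code should load the full Public Suffix List instead.

```python
from urllib.parse import urlsplit

# Constructed, deliberately tiny suffix table for this example only.
# It covers just the TLDs named in the post.
SUFFIXES = {"com", "cn", "uk", "co.uk"}

# The link quoted in the post, copied as it appears there (path is truncated).
SAMPLE = ("http://www.mybank.alliance-leicester.co.uk.idsrvtd.com"
          "/customerforms/server10a/form.asp/index....")


def registered_domain(url):
    """Return (host, registered domain), reading the host right to left."""
    # Everything before the first / after http:// is the host.
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    labels = host.split(".")
    # Try the longest candidate suffix first, then shorter ones.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in SUFFIXES:
            if i == 0:
                return host, None  # the host is a bare suffix, no domain
            # The registered domain is the suffix plus one label to its left.
            return host, ".".join(labels[i - 1:])
    return host, None  # suffix not in our table


def looks_like_impersonation(url, trusted_domain):
    """True when trusted_domain shows up in the host only as a subdomain
    label sequence of some other registered domain."""
    host, reg = registered_domain(url)
    trusted = trusted_domain.lower()
    appears = ("." + trusted) in ("." + host)  # match on label boundaries
    return appears and reg != trusted


if __name__ == "__main__":
    host, reg = registered_domain(SAMPLE)
    print("host:             ", host)
    print("registered domain:", reg)
    print("impersonation:    ",
          looks_like_impersonation(SAMPLE, "alliance-leicester.co.uk"))
```

Run against the link from the spam email, it reports idsrvtd.com as the registered domain and flags the bank's name as appearing only in the subdomain part.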
One of the new security features of IE8 (and possibly Firefox 3 & others, but I’ve not checked) is to grey out the ‘invalid’ part of the URL and to highlight in bold the actual URL.
The simple answer though is to have an adequate spam filter set up, and never, NEVER, click any link from an email requesting personal information of any sort, or ANY request to verify your online details because of ‘system upgrades’, or ‘maintenance’, or any reason.
If in doubt your bank will tell you what the main bank URL is and that will always have a prominent Online Banking login link. Simply go to your local branch and they’ll give you a leaflet or write it down for you.
Beat the spammers, phishers & con-artists…




