News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Tasks for the weekend – checking those URLs

    Home » Forums » AskWoody blog » Tasks for the weekend – checking those URLs

    Author
    Topic
    #2394910

    Youtube here showcasing the malicious email So today I got an email that almost ‘caught’ me. It was a fedex email that looked nearly legit. But if you
    [See the full post at: Tasks for the weekend – checking those URLs]

    Susan Bradley Patch Lady

    2 users thanked author for this post.
    Viewing 8 reply threads
    Author
    Replies
    • #2394913

      Why yes I do hover first.

      Cheers!!
      Willie McClure
      “We are trying to build a gentler, kinder society, and if we all pitch in just a little bit, we are going to get there.” Alex Trebek
    • #2394932

      Should a “bad” message somehow get by the (my web host-supplied) mailspamprotection.com filter, my Norton 360 spam filter will have a look, plus my MS Outlook is configured to display messages in text only, thereby showing the full link addresses by default. Even if the web link in an E-mail appears safe and I click on it, the Norton 360 firewall will then provide additional protection and allow access to the site – or not. In case of a worst-case scenario, OS disc backups are made about every 2-3 days or so.

    • #2394928

      Yes, when I remember to do so.  Email is the single largest malware threat, IMO.

      Good advice.

    • #2394934

      I get that same e-mail (or the UPS/DHL equivalent) at least once or twice a week but have never  been tempted to click on anything simply because I didn’t have any packages pending delivery and I always track my packages using the shippers tracking site until they’re actually delivered.

      BTW…

      Instead of using the “Type clipboard text” option and having to wait for the text to get “typed” onto the screen, you can use the hot key combo Ctrl+V to instantly paste the clipboard contents to the screen.

      Also, instead of using the arrow keys to “scroll” to the end of a long line of text, you can use the End key to immediately move the cursor to the “last” character of a line (the Home key immediately moves the cursor to the “first” character of a line.)

      • #2394939

        I was hopping over a remote desktop connection into a hyperV.  When I’m like “double hopping” like that, Control V doesn’t work and you have to use the HyperV tools.

        Susan Bradley Patch Lady

        • #2394950

          OUCH!!

          • #2394962

            When I’m opening up malicious links, I want to make sure I’m “double hopping” 🙂

            Susan Bradley Patch Lady

    • #2394937

      If I get a delivery notice but I haven’t ordered anything, the email is bogus and I delete it.

      If I’m expecting a delivery, I visit the site from which I ordered whatever and check the delivery status there.  I delete the email.

      Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

    • #2394981

      The only time I ever expect an email from FedEx or any other carrier is when I have a package coming and sign up for their tracking notifications for that particular delivery. I seldom have more than one or two packages coming at any one time, and most often none at all. All of the real tracking notification emails that I have received show the actual tracking number in body of the email, and sometimes it is in the subject line as well. I don’t think these spammers would include a genuine tracking number that I am already familiar with unless they had first hacked the carrier’s system, which I suppose is more than possible.

      If I ever receive a tracking email without having a package on the way, or one shows up without a valid tracking number in it somewhere, then I will be sure to be really careful with that email. Heck, just to be safe, I will be more careful with all of those emails from now on.

      Thanks for this info.

    • #2394985

      Evidently your phisher wasn’t very good. Hovering over the link can easily spoof the real domain while clicking on it will take you to the malicious domain. DON’T CLICK ON LINKS IN EMAIL.  EVER.

       

      • #2395236

        Evidently your phisher wasn’t very good. Hovering over the link can easily spoof the real domain while clicking on it will take you to the malicious domain.

        That’s not true for the link displayed at bottom-left of the browser:

        With the mouse pointer hovering over the hyperlinked “Preview Document” text, the browser displays the actual underlying URL — which is entirely malicious — in the bottom left corner of the browser.

        Bad Guys Spoof Phishing Link Hover Texts

         

        DON’T CLICK ON LINKS IN EMAIL.  EVER.

        As Susan demonstrated, malicious links are blocked by Microsoft SmartScreen or Google Safe Browsing.

        Windows 10 Pro version 21H2 build 19044.1320 + Microsoft 365 (group ASAP)

        1 user thanked author for this post.
    • #2394999

      A related education article from the ‘Make Use Of’ website by Christian Cawley updated May 11, 2021 discusses:

      “Is the link in that email legitimate? Whether sent by a friend or a stranger, it’s unwise to click links without knowing where they take you. Before clicking any suspicious link, use one of these link checkers to check that it doesn’t lead to malware or other security threats.”

      Note: Do not forget to ‘Hover’ over the url = the updated article lists 7 websites to visit, even though the url address mentions 4. A test to see if everyone is hovering as instructed by our brilliant instructor PhD Susan B. Also, I like to always use VirusTotal when in doubt, along with some of the others like those listed here:

      7 Quick Sites That Let You Check If a Link Is Safe

      https://www.virustotal.com/gui/home/url

      3 users thanked author for this post.
    • #2395078

      I use Software Restriction Policies. If I try to open a file in my “download folder”, like a EXE or JAR, the OS will block it.

    Viewing 8 reply threads
    Reply To: Tasks for the weekend – checking those URLs

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.