The Internet is full of links. There is no website on which there is not at least one link. Every link leads users to another page. This page is not always known. This harbors dangers. Fake links can lead anywhere and cause great damage. Accordingly, links should be handled with care.
What are fake links?
You have probably come across fake links before. In most cases, these are found in phishing emails. The email appears to come from a trustworthy source and contains a link which, at first glance, also leads to this trustworthy source. However, clicking on the link does not redirect the user to this source. Instead, bank details or login data are harvested. The fraudsters then want to use this data to make online purchases or withdraw money from accounts, for example. Fake links always disguise themselves as links to a known site. The link address therefore actually looks correct. Due to the combinations of numbers and letters in links, it is often impossible to tell them apart anyway. For example, could you tell straight away whether this link is secure: https://shop.reiner-sct.com/authenticator/reiner-sct-authenticator?_ga=2.140170227.1113582019.1674424302-209605277.1669039293 Whether there is an extra 6 or a 9 missing somewhere would probably not be noticeable, would it? Don’t worry, by the way. The link is absolutely secure and will take you to our Authenticator page. Fortunately, there are ways of recognizing fake links. However, you have to pay attention to the details.
How to recognize fake links
Fake links usually follow a pattern. However, they do not deviate greatly from the original, which makes it difficult to recognize the forgery. Faking links is also known as squatting. There are basically six different types of squatting. TLD squatting changes the top-level domain. This is the domain extension. So .de, .com, .net etc. Before you click on a link, you should always check whether the domain extension is correct. authenticator.reiner-sct.com is the correct address. authenticator.reiner-sct.info is not correct and should not be clicked on under any circumstances. Subdomain squatting adds additional information to the domain. However, the link does not lead to the desired page, but to a fake domain. An example of this would be reiner-sct.com-shoppin.net. Combo-squatting works in a similar way. Here, an additional word is added to the domain that points to an existing page but leads somewhere else. An example of this would be reiner-sct-support.com. With sound-squatting, the name is changed slightly to look and sound similar to the original. For example, reiner-sct.com could become rainer-sct.com. Typo-squatting simply inserts a spelling mistake into the domain: riener-sct.com, for example. The homographic attack replaces letters with similar characters that are not immediately noticeable at first glance. An example of this would be reiner-5ct.com. With the necessary attention, it is not that difficult to recognize fake links. Above all, it helps if you know how a URL is structured.
The structure of a URL
A URL usually consists of five parts. These parts are separated by dots or other characters. The first part is the transmission protocol. You know it as http:// or https://. You should never click on a link with a different transmission protocol. You should also be careful with http pages, as these are older pages that may be insecure. The subdomain is usually the name of the page. For example, reiner-sct.com. However, the subdomain can also consist of several parts, which are then separated by dots. For example authenticator.reiner-sct. We have already mentioned the subsequent top-level domain (TLD). This is the ending .com or .de or .net or whichever is used. The subdirectory is then identified by a slash and refers to the actual page. For example /apps. This results in https://authenticator.reiner-sct.com/apps
Conclusion
Fake links are easy to identify with the necessary attention. You should always make sure that the link leads to an https website. The TLD must also be taken into account, as every website has a fixed TLD that does not change. Changes within the URL are not always noticeable at first glance. So always take a very close look. In the best case, do not click on any links at all and always choose the manual way by typing.