Phishing links are links which fraudsters use to trick people into providing the access credentials to online accounts. If you click such a link, they can then use your personal information to commit identity theft, charge your credit cards, empty your bank accounts, read your email, and lock you out of your online account by changing your password.
Phishing links are usually sent in phishing emails and often lead to a phishing website.
Since phishing links are rigorously filtered out by email clients, you should make sure that nothing in your email content could be mistaken for anything malicious. This page will help you avoid the most obvious pitfalls.
Link text
Spam filters pay particular attention to the text shown for a link. If the text part of the link is made up of straightforward, readable text, it is usually not treated as a possible phishing attempt.
However, if the text part contains a URL and that has a different domain name than the URL in the href part, it will be interpreted as (and most likely is) a phishing attempt.
Please note that every part of the domain name is compared, subdomains included: if the link text and the href differ only in the subdomain, for example, the link will also be interpreted as a phishing attempt.
- Good:
<a href="http://www.example.com/">Example link</a>
- OK:
<a href="http://www.example.com/">www.example.com</a>
- Bad:
<a href="http://info.example.com/">support.example.com</a>
- Worst:
<a href="http://www.example.com/">www.yourshop.com</a>
If you do use links, then you must definitely not track them.
Images as links
If the link is an image, the same rule applies to the alt attribute for the image tag. This attribute is used by screen readers and is shown when the image cannot be displayed, therefore readable text is expected, for example:
<a href="http://www.example.com/">
<img src="example.png" alt="Example image" style="width:42px;height:42px;border:0">
</a>
Avoid using a URL as the alt text, and if you do, make sure that it has the same domain (including subdomain) as the one the link is pointing to. If you do use links, then you must definitely not track them.
Link parameters
If you use a link parameter to POST or GET data, the parameter should never contain a link as this will also be considered a phishing attempt. For example:
http://sub.example.com?id=22&redirect=otherexample.com/test/something/
Link shorteners
If domains are used as URL parameters, signing or shortening the link is an option. However, do not use public link shorteners. These websites increase the possibility of getting caught in a phish net.
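The link text, image alt and link parameter rules above can be checked on a message body before it is sent. The following Python linter is an added example, not code from this page or from any mail provider; the names `lint`, `LinkLinter`, `HOST_RE` and the rule labels are hypothetical, and the hostname regex is a loose heuristic that does not reproduce any real spam filter.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Loose heuristic for a hostname or URL embedded in text (assumption of this example).
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

def hosts_in(text):
    return {m.group(1).lower() for m in HOST_RE.finditer(text or "")}

class LinkLinter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self.href, self.text = [], None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        href = attrs.get("href") or ""
        if tag == "a" and href.startswith(("http://", "https://")):
            self.href, self.text = href, []
            # Link parameters: no query value may carry a link or domain.
            for _, value in parse_qsl(urlsplit(href).query):
                if hosts_in(value):
                    self.findings.append(("param-contains-link", href, value))
        elif tag == "img" and self.href:
            self._compare("alt-domain-mismatch", attrs.get("alt"))

    def handle_data(self, data):
        if self.href:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.href:
            self._compare("text-domain-mismatch", "".join(self.text))
            self.href = None

    def _compare(self, rule, shown):
        # Compare full hostnames, so a differing subdomain is a mismatch too.
        target = (urlsplit(self.href).hostname or "").lower()
        for host in sorted(hosts_in(shown)):
            if host != target:
                self.findings.append((rule, self.href, host))

def lint(html):
    linter = LinkLinter()
    linter.feed(html)
    linter.close()
    return linter.findings

# Constructed sample built from the link patterns shown on this page.
SAMPLE = ('<a href="http://info.example.com/">support.example.com</a>'
          '<a href="http://www.example.com/"><img src="example.png" alt="www.yourshop.com"></a>'
          '<a href="http://sub.example.com?id=22&amp;redirect=otherexample.com/test/something/">Open</a>')
```

`lint(SAMPLE)` returns one finding per violated rule as `(rule, href, offending value)` tuples; an empty list means none of the three checks fired.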