Kimlik avı linkleri

Spam filters pay particular attention to the text shown for a link. If the text part of the link is made up or straightforward, readable text, we are usually not talking about a possible phishing attempt. 

However, if the text part contains a URL and that has a different domain name than the URL in the href part, it will be interpreted as (and most likely is) a phishing attempt.

Please note that every type of domain is included here, so if the link has a subdomain, for example, and there is a difference in this, it will also be interpreted as a phishing attempt.

• Good: <a href="http://www.example.com/">Example link</a>
• OK: <a href="http://www.example.com/">www.example.com</a>
• Bad: <a href="http://info.example.com/">support.example.com</a>
• Worst: <a href="http://www.example.com/">www.yourshop.com</a>

 If you do use links, then you must definitely not track them.

If the link is an image, the same rule applies to the alt attribute for the image tag. This attribute is used by screen readers and is shown when the image cannot be displayed, therefore readable text is expected, for example:

<a href="http://www.example.com/">
  <img src="example.png" alt="Example image" style="width:42px;height:42px;border:0">
</a>

Avoid using a URL as the alt text, and if you do, make sure that it has the same domain (including subdomain) as the one the link is pointing to. If you do use links, then you must definitely not track them.

If you use a link parameter to POST or GET data, the parameter should never contain a link as this will also be considered a phishing attempt. For example:

http://sub.example.com?id=22&&redirect=otherexample.com/test/something/

If domains are used as URL parameters, signing or shortening the link is an option. However, do not use public link shorteners. These websites increase the possibility of getting caught in a phish net.