Apr 15 2009 |  |
Have you ever gotten an email that looked like it came from a company you do business with? It might contain words like 'verify your account details', or it might warn you to some suspicious activity in your bank account. And, its call to action will be a link to a page where you should log in immediately.
Of course you have - I just described a phishing attack and phishing is nothing new. However, have you ever wondered why the links shown can look so incredibly legitimate? The 'answer' is that there is a quirk within HTML (aka 'the markup language that makes web sites look the way they do') that makes it possible to 'show' a different address than you are really going to.
Consider this link:
Looks like it takes you to Google, right? It doesn't - that link actually directs you to our homepage! You see, in HTML, you can make the anchor text (the words you click on) equal to anything you want. Your computer can be infected by rootkits and other forms of malicious software, just by navigating to the wrong website. So, how can you protect yourself?
Thankfully, browser designers have taken steps to make sure that you always know where you are going before you actually click. Next time you come across a link, hover over it and take a look in the bottom left hand corner of Internet Explorer. I took this screen shot of this page, while my mouse was hovered over my fake Google link:
Best of luck and be safe out there!
TrackBack URI for this entry 
Subscribe to this comment's feed 