Beware of These Common Tricks Used by Hackers in URLs
Recently, one of our clients, a small business owner, received an alarming call from one of her customers. The customer had received an email asking them to update their bank details by clicking on a link in the email. The customer was confused because they didn’t remember signing up for any updates, and they weren’t sure if they should trust the email.
Our tech team started investigating and found that a hacker had gained access to the AWS account and had sent the email to customers using the business email address.
The hacker had used a rogue URL trick to create a fake bank website that looked almost identical to the real bank website. The link in the email led the customer to the fake website where they were asked to enter their login credentials, which the hacker used to steal their sensitive information.
We were devastated by the news and immediately contacted AWS support to report the incident.
Following this experience, we shared with the client the importance of securing online accounts and being vigilant about phishing attempts. The client has invested in stronger passwords and two-factor authentication, as well as in educating the team on how to spot and avoid phishing emails.
Hackers often use a variety of tactics to trick users into clicking on rogue URLs that can lead to malicious websites, phishing pages, or malware downloads. Here are some of the most common rogue URL tricks used by hackers:
- URL Shorteners: A hacker may use a URL shortener to create a shortened link that looks legitimate, but actually leads to a malicious website. For example, imagine you receive an email from your bank asking you to click on a link to log in to your account. The link looks something like “https://bit.ly/3sQ6PYG”. This link could lead to a fake bank website that looks like the real thing, but is actually designed to steal your login credentials.
- Homograph attacks: A hacker may use characters from different alphabets to create a URL that looks like a legitimate website, but actually leads to a fake site. For example, imagine you receive an email from your bank with a link to their website. The link looks like “www.micrоsoft.com”. At first glance, it looks like the URL for Microsoft, but if you look closely, you’ll see that the “o” in “microsoft” has been replaced with a character from the Cyrillic alphabet that looks almost identical. Clicking on this link could lead to a fake bank website that steals your login credentials.
- Typosquatting: A hacker may create a website with a domain name that is similar to a legitimate website, but with a common typo or misspelling. For example, imagine you’re searching for the website for a popular online store, but you accidentally type in “www.amzon.com” instead of “www.amazon.com”. As another example, a hacker might register “gogle.com” instead of “google.com” to trick users into visiting a fake site. The fake site looks almost identical to the real one, but if you enter your login credentials or credit card information, the hacker can steal it.
- Phishing: A hacker may create a fake website that looks like a legitimate website (such as a bank or social media site) and send you an email with a link to that website. For example, imagine you receive an email that appears to be from your bank, asking you to click on a link to log in to your account. The link leads to a fake bank website that looks almost identical to the real one, but is designed to steal your login credentials.
- Malvertising: A hacker may place malicious ads on legitimate websites that lead you to a fake website. For example, imagine you’re browsing a popular news website and you see an ad for a free antivirus program. You click on the ad, but instead of downloading the antivirus program, you’re taken to a fake website that looks like your bank’s website. If you enter your login credentials, the hacker can steal them.
- Redirects: A hacker may use code to redirect you from a legitimate website to a fake website without you realizing it. For example, imagine you’re on a legitimate shopping website and you click on a link to a product you’re interested in. Instead of taking you to the product page, you’re taken to a fake website that looks like your bank’s website. If you enter your login credentials, the hacker can steal them.
- Spoofed emails: A hacker may send you an email that appears to be from a legitimate source (such as your bank or social media site) and contains a link to a fake website. For example, imagine you receive an email that appears to be from Facebook, asking you to click on a link to update your account information. The link leads to a fake Facebook website that looks almost identical to the real one, but is designed to steal your login credentials.
It’s important to be cautious when clicking on links, especially in emails or on social media. Always hover over the link to see where it leads before clicking, and be wary of any URLs that seem suspicious or unusual.
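The "look closely before clicking" check for the shortener, homograph and typosquatting tricks above can be automated. The following Python sketch is an added example, not part of the original article; the trusted-domain and shortener lists are constructed for illustration, and all function names are hypothetical.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed lists for illustration; replace with the domains your users rely on.
TRUSTED = {"microsoft.com", "amazon.com", "google.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def hostname(url):
    """Return the lowercase host of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "//" + url
    host = urlsplit(url).hostname or ""
    return host[4:] if host.startswith("www.") else host

def scripts(host):
    """Unicode scripts used by the letters (first word of each character name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in host if ch.isalpha()}

def edit_distance(a, b):
    """Levenshtein distance using two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return warning labels for the URL's host; an empty list means no finding."""
    host = hostname(url)
    findings = []
    if host in SHORTENERS:
        findings.append("shortener: destination hidden")
    foreign = scripts(host) - {"LATIN"}
    if foreign:
        findings.append("homograph: non-Latin letters " + ",".join(sorted(foreign)))
    if host not in TRUSTED:
        # One or two edits away from a trusted name suggests a look-alike.
        for good in sorted(TRUSTED):
            if 0 < edit_distance(host, good) <= 2:
                findings.append("typosquat: close to " + good)
    return findings

if __name__ == "__main__":
    for sample in ["https://bit.ly/3sQ6PYG", "www.micr\u043esoft.com", "www.amzon.com"]:
        print(sample.encode("ascii", "backslashreplace").decode(), classify(sample))
```

An empty result only means none of these three checks fired; it does not show that a link is safe.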