Secure Account Sign In

To Click or Not To Click: How To Identify Unsafe Links

Links: Some are trustworthy; others steal data or spread malware. Identifying which are legitimate and which are malicious is a vital part of security. When fraudsters go phishing, they’re hoping you’ll click on the unsafe links they send you, which can give them access to your private information via device or account takeover.

So how can you tell which links are unsafe? It all starts with closely inspecting the URL (Uniform Resource Locator). Here’s how to do that on traditional computers and mobile devices:

The Hover Over (Traditional Computers)

What it is: The process of hovering your mouse pointer, or cursor, over a link.

What it does: Reveals the full URL of links that are embedded in text, logos, and other icons.

What it accomplishes: Helps you identify links that have been manipulated by cybercriminals. For example, a button that says “log into account” might direct you to a malicious website, but you wouldn’t know that without hovering.

The Long Press (Mobile Devices)

What it is: The process of pressing and holding links on mobile devices like phones and tablets.

What it does: Since mobile devices don’t have a mouse, the long press achieves the same thing as hovering a mouse pointer or cursor.

What it accomplishes: Allows you to confirm the legitimacy of any links you may encounter on your mobile device, such as in email or other forms of communication.

As a best security practice, you should always hover your mouse over links when using a traditional computer. But should you always use the long-press method when on mobile?

Unfortunately, the long press works for some apps and some devices, but not all apps on all devices. Furthermore, an attempt to press and hold a link could accidentally turn into a click, which could turn into a security incident.

What should you do instead?

  1. Think before you click or long press, no matter what device you’re using.
  2. Wait until you have access to a traditional computer so you can use the hover method.
  3. Stay alert for common warning signs, like threatening or urgent language and bad grammar.
  4. Always follow policy and report all phishing attacks immediately.

We invite you to visit the FIBT Education Center for even more tips on keeping yourself and your finances secure.

Source: KnowBe4

Business Banking, Personal Banking, Security