The wonders of a Link OR Link secrets

by | Jul 25, 2018 | blog | 0 comments

The magic link, OR Link secrets

How to find the real address a link is pointing to

Summary:

How many times you got an email that appears to have come from eBay but it was not ?
How many time you suspected an email you got is a phishing email ?

You probably asked yourself many times how do I verify an email and make sure it is legit? This article will show you a quick way to find out if an email is a phishing or legit.

About the author: Avi Schneor, B.Sc. TE with Teaching diploma. eBay member since 1999, eBay coach with proven record in selling and buying. Author of eCommerce, How-To and modding  articles and guides.

thumbUP_gifanim First of all let me remind you the 2 basic rules:
1. If an email you got to your personal email box was not received in your message box in your ‘my-eBay’, than it is probably NOT from eBay.
2. eBay again and again says it will never ask for your username + password in an email.
So, if this email eventually leads to a page that asks for both, than it is not from eBay, no matter if the page looks identical to eBay page.

Now that we are aware of the above 2 above simple rules, let’s examine a suspicious email that looks like this:

sample of eBay phishing eMail

This email (like many others) starts with a kind of a problem that you, than it suggests a solution, usually it is a link to a page that looks like a legit eBay page which asks for your username and password to login.

exclaim2 Look carefully at the link, the link text appears as http://cgi.ebay.com that is a legit eBay address BUT this is the link text!
Everyone that knows little html knows that a link tag <a href=> consist of 2 parts, the text which is shown to the viewer and its link address. The link address is where you’ll be forwarded when clicking on the marked text that you are presented.

thumbUP_gifanim Website address structure:
Address may contain a long string, but what matters is the last site pointer of it.
For example, the following address: http://paypal.com.ebay.com.phishing.co.uk/ebay/auction1 is leading to the site phishing.co.uk (=the last site pointer) no matter what its prefix is !
All text after the ‘/’ sign is the file location under the last pointer site. So in this example, the file auction1 which is the target of this link since it is the last one, is located in directory /ebay which resides under site phishing.co.uk
The prefix of phishing.co.uk is a subdomain name of that site.

In our case (above image), the last site address of the link’s TEXT is cgi.ebay.com but review of the link address it leads to shows it is pointing to site jki.co.mx which is a phishing site in Mexico.
As explained above. http://cgi.ebay.com.jki.co.mx goes to jki.co.mx and NOT to eBay as you might think, ebay is not the last pointer.

How do I see this link ?
Hover your mouse cursor over the link, DON’T CLICK IT!, just hover above and in your browser’s status-bar or next to the link (depends on your email client/browser) you’ll see the link string where the link text actually leads to.

exclaim2 Remark: In some versions of IE and Gmail the link string may not show, still you can use the ‘copy shortcut/copy link address’ that copies the link where it leads (right click of your mouse while hovering the presented link text) and paste it in wordpad etc. to reveal it.

That easy is to monitor the links in an email and verify it is going to a legit site.

Those who wish to contribute and help fight those scammers, forward the email to spoof@ebay.com and attach the header of the email as well.

Do yourself a favor an make it a habit to examine every link you get in an email. Believe me , this might save you a lot of time and trouble.

Be careful out there, eBay is a wonderful place to deal as long as you are aware of the threats and risks.
Avi clapup_gifanim

Copyright © Schneor Design. All rights reserved. Do not copy without written consent from the author.

Comments, remarks and updates are welcome.
Some will be published, with hidden sender’s details.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Pin It on Pinterest

Share This
Skip to content