In my last post I urged you to be careful when you click on a link in an email, in a blog or on a website. If there is anything strange or unusual about the website, blog post, or email, then either simply say “no” and move on, or carefully inspect the link. In case you are not sure of the danger I am worried about, I am repeating part of an earlier post.
I received an email indicating we had added a new payer to our E-Z Financial bank account. (Yep, it had a real bank name you would recognize, but that bank had nothing to do with this, so I won’t mention it and will use “E-Z Financial” instead.) The payer name was clearly a name we did not recognize, and it requested we click on a link if we had not done this. My wife was suspicious for several reasons, primarily because she didn’t know we had an E-Z Financial bank account.
A quick inspection of the email seemed to say this was a real email from E-Z Financial; the link back started out as http://online.EZFinancial.com, which certainly looks valid. We do not have an account with them. But that was not what triggered my concern, since someone could have opened an E-Z Financial account in my name, probably not to give me money. I went to the bank’s web site and sure enough on their security alert page was an example of this email. What was wrong with the link was a period instead of a forward slash after the EZFinancial.com. The link was actually
Please do not try this link in your browser. I have modified it some, but possibly not enough to make the scam fail.
A URL, the “easy to read” address of a web site or page, can be quite long and complex, but is actually fairly simple to take apart. For example, if you go to Amazon’s web site and click on “Today’s Deals” you end up at
Starting after any leading “http://”, scan forward to the first forward slash “/”. From there, scan back past the previous period, then keep going back until you reach the beginning or the next period; what lies between that point and the slash is the domain name. In this case the domain name is “amazon.com.” That is the web site. Everything after that first slash just identifies a particular page on the web site, perhaps with parameters (“gp/goldbox” is a particular page on amazon.com, and “ref=cs_top_nav_gb27” is a parameter passed to that page).
On the scam link, the domain name is not “EZFinancial.com” but “is-an-account.com”. The stuff before that is called a subdomain, but is owned by “is-an-account.com,” not “EZFinancial.com.” I tend to be suspicious of strange domain names.
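The scan described above, written out as an added Python example (it is not part of the original post). The function names are hypothetical, the sample URLs in the test are constructed and are not the actual link from the email, and the small suffix set goes one step beyond the two-label rule in the text, which gives the wrong owner for hosts ending in suffixes such as “co.uk”.

```python
from urllib.parse import urlsplit

# Tiny constructed sample of multi-label public suffixes; real code should
# consult the full Public Suffix List instead of this set.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def host_of(url):
    """Return the lower-cased host: everything before the first '/'."""
    if "://" not in url:
        url = "http://" + url  # urlsplit needs a scheme to locate the host
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def registrable_domain(url):
    """Return the domain that actually owns the host in `url`."""
    labels = host_of(url).split(".")
    if len(labels) < 2:
        return ".".join(labels)
    # The owner is the last two labels of the host, or the last three when
    # the last two together form a known public suffix.
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def check_link(url, expected_domain):
    """Classify a link against the domain the reader expects to land on."""
    expected = expected_domain.lower()
    if registrable_domain(url) == expected:
        return "ok"
    if expected in host_of(url):
        # The expected name is present, but only as a subdomain label
        # owned by some other domain.
        return "lookalike"
    return "mismatch"
```

A result of "lookalike" is the case from the email: the familiar name appears in the link, but a different domain owns it.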
When you go to a web page, it is a good idea to look up at the URL window at the top of your browser and see where you really are. Some browsers, like Firefox, actually highlight the domain name for you just for this reason. If it isn’t what you think it should be, close the browser window, make sure your virus check software is up to date and do a full scan of your system.
The last word:
Always practice safe clicking.
Pass the word to your children and your employees.
Keep your sense of humor.