Cybercriminals use various techniques to trick users into clicking on malicious or phishing links that can compromise their data and devices. These techniques often involve hiding the real destination of the link behind a seemingly legitimate or harmless one. In this blog, we will explore some of the common methods used by cybercriminals to disguise URLs and how you can protect your business from falling victim to these attacks.
An @ symbol in the address
One of the simplest ways to hide the real domain in the address is to use the @ symbol in the URL. This is a valid symbol that can be used to include a login and a password into the website address, such as login:[email protected]. If the data before the @ symbol is incorrect or not suitable for authentication, the browser simply discards it and redirects the user to the address after the @ symbol.
Cybercriminals use this technique to create a convincing page name, use the name of a legitimate site in it, and place the real address after the @ symbol. For example, look at this address disguised in this way: http://convincing-business-related-page-name-pretending-to-be-on-google.com@kaspersky.com/blog/
It looks like a page with many words in the name hosted somewhere on the Google domain, but the browser will take you to http://kaspersky.com/blog/.
Numbers instead of the IP address
Another way to hide the real domain in the address is to use numbers instead of the IP address. This is done by converting the IP address of a site into an integer, which is more convenient to store in databases. When modern browsers see a number in an URL, they automatically convert it into an IP address.
Cybercriminals use this technique in combination with the @ symbol to make the real address look like a parameter. For example, this is how a link to our corporate website can look like: http://google.com...%@3109359386/
The browser will ignore everything before the @ symbol and take you to http://3109359386/, which is equivalent to http://185.53.178.6/.
URL shortener services
A third way to hide the real domain in the address is to use one of the legitimate link shortening services, such as bit.ly, goo.gl, or tinyurl.com. These services allow users to create shorter and more convenient links that redirect to the original ones.
Cybercriminals use these services to mask malicious or phishing links behind seemingly harmless ones. For example, this link http://bit.ly/2G7Z6fj looks like a generic shortened link, but it actually redirects to http://malicious-site.com/.
How to protect your business from disguised URLs
As you can see, cybercriminals can use various methods to disguise URLs and deceive users into clicking on them. This can lead to data breaches, malware infections, ransomware attacks, identity theft, and other serious consequences for your business. Therefore, it is important to take some preventive measures to protect your business from these threats.
Some of the best practices to avoid falling for disguised URLs are:
- Educate your employees about the common techniques used by cybercriminals to disguise URLs and how to spot them. For example, you can use phishing simulation and security awareness programs to test and train your staff on how to identify and avoid malicious links.
- Use a reputable antivirus and anti-malware software on your devices and keep them updated. This can help you detect and block malicious links and websites before they can harm your system.
- Use a secure web browser and enable its security features, such as pop-up blockers, phishing and malware protection, and HTTPS enforcement. This can help you avoid visiting unsafe or unencrypted websites that may contain disguised URLs.
- Use a trusted VPN service to encrypt your online traffic and hide your IP address. This can help you prevent cybercriminals from tracking your online activity and targeting you with customized attacks based on your location or browsing history.
- Use a reliable cloud security solution to protect your data and applications in the cloud. This can help you monitor and control your cloud environment, detect and prevent data breaches, and comply with regulatory standards.
How Vinca Cyber can help you with cloud security
If you are looking for a cloud security solution that can help you protect your business from cyber threats, you may want to consider Vinca Cyber. Vinca Cyber is a global cybersecurity services and products company that provides unified visibility across disparate data sources, whether they are in the cloud, on-premises, or on remote devices.
Vinca Cyber offers a comprehensive range of cloud security services, such as:
- Cloud security assessment and consulting
- Cloud security architecture and design
- Cloud security implementation and customization
- Cloud security monitoring and reporting
- Cloud security optimization and improvement
Vinca Cyber also partners with leading cloud security technologies, such as Netskope, Accops, and Microsoft, to provide you with the best-in-class solutions for your cloud security needs.
Vinca Cyber has a team of experienced and certified cybersecurity experts who can help you achieve 360-degree cyber resilience for your organization. With Vinca Cyber, you can rest assured that your data and applications in the cloud are secure and compliant.
