HOW TO DECODE A WEB ADDRESS. Does that link belong to Lehigh?



Similar documents
The Social Accelerator Setup Guide

Getting Started in Tinkercad

Mail Merge Tutorial (for Word ) By Allison King Spring 2007 (updated Fall 2007)

Copy Documents from your Computer (H Drive) to a Flash Drive

Your Web Site Parts - Domain Names, URLs, Web Hosts, DNS - What They Are, and What You Need

UNTOLD MAP SECRETS. Are you a MyAdvertisingPays member? Great!

Working with the Ektron Content Management System

SPECIAL REPORT INFUSIONSOFT: 7 KEYS TO TOP RESULTS. What s Inside? OVERVIEW KEY # 1: RESPECT YOUR AUDIENCE

INTRODUCING AZURE SEARCH

File Management Windows

So you want to create an a Friend action

Online Security Information. Tips for staying safe online

Action settings and interactivity

Checking Spelling and Grammar

A free guide for readers of Double Your Business. By Lee Duncan Your Business.com

Club Accounts Question 6.

Google Docs, Sheets, and Slides: Share and collaborate

Getting Started with WebSite Tonight

WebSite Tonight. Getting Started Guide. Getting Your Personal Website Online in One Night. WebSite Tonight // A Wedding Website

It may look like this all has to do with your password, but that s not the only factor to worry about.

Dreamweaver and Fireworks MX Integration Brian Hogan

Setting up a website for your club.

Anglia IT Solutions Managed Anti-SPAM

Why should I back up my certificate? How do I create a backup copy of my certificate?

Lab 1: Create a Personal Homepage

Microsoft Dynamics CRM Clients

Quick Start Articles provide fast answers to frequently asked questions. Quick Start Article

How to make a VPN connection to our servers from Windows XP

Quick, Easy and Inexpensive Monitoring a new MXN Service

How to Use New Relic Custom Dashboards & Why You d Want To

6 Strategies Lawyers Can Use to Streamline Digital Marketing Work

LESSON 7: IMPORTING AND VECTORIZING A BITMAP IMAGE

Vodafone Hosted Services - A Guide to Selecting and Preparing Your Own Domain

Building Customer Confidence through SSL Certificates and SuperCerts

How to Avoid an Attack - Security Testing as Part of Your Software Testing Process

Chapter 28: Expanding Web Studio

SUCCESS TOOLKIT

NCH Secure Web Delivery Instructions

How to get MOSS 2007 dev. environment set up in Vista with sample project.

ACCESS Importing and Exporting Data Files. Information Technology. MS Access 2007 Users Guide. IT Training & Development (818)

Participant Tracking Functionality

How To Develop An Application

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN

Hypercosm. Studio.

Online Business Console Going Live Tutorial

Figure out the early start and early finish. Early start. Early finish

Website Promotion for Voice Actors: How to get the Search Engines to give you Top Billing! By Jodi Krangle

Prepare your result file for input into SPSS

How to make a VPN connection to our servers from Windows 8

Server External Authentication. FileMaker 9 Product Line

Phishing Past, Present and Future

CAS CLOUD WEB USER GUIDE. UAB College of Arts and Science Cloud Storage Service

A Quick Algebra Review

10 TIPS & TRICKS FOR MICROSOFT LYNC 2010

Vtiger CRM Outlook Plugin Documentation

Getting FileMaker Server 11 and IIS 7.x to Work with SSL. By Todd Duell

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

osclass open source classifieds Installation Guide step by step

Installation Procedure SSL Certificates in IIS 7

Remote access set up for a home PC

How to get the most out of Windows 10 File Explorer

NJCU WEBSITE TRAINING MANUAL

CLAIMS-BASED IDENTITY FOR WINDOWS

Microsoft Word 1A: Business Letters: Format, Text Wrap, Insert Text Box, Logo

Integrating Other Addresses with your Yuba College Campus

Concepts in IP Addressing...

STRUCTURE AND FLOWS. By Hagan Rivers, Two Rivers Consulting FREE CHAPTER

Joining an XP workstation to a domain Version 1.00

DNS Record Information for the Pushex Exchange server

A White Paper. VerticalResponse, Delivery and You A Handy Guide. VerticalResponse,Inc nd Street, Suite 700 San Francisco, CA 94107

How to Start Your Own Hosting Company for Free!

The Internet. Main Goal: Students will learn how the Internet works, as it relates to URL addresses and web pages. OVERVIEW: VOCABULARY: OBJECTIVE:

Sending on Blue Hornet

How To Make Money On Google Adwords

Programming in Access VBA

Guide to Trading GUIDE TO TRADING

Usability Test Results

NTFS permissions represent a core part of Windows s security system. Using

TortoiseGIT / GIT Tutorial: Hosting a dedicated server with auto commit periodically on Windows 7 and Windows 8

Dealing with Spam. February 16, Marc Berger SRJC Information Technology. Tuesday, April 10, 12

Marketing Agency. Three Steps to Internet Success. The Small Business. In this guide

DYNAMICS TUTORIAL. The Dynamics Series

EKT 332/4 COMPUTER NETWORK

Why Companies are Integrating DAM & Online Proofing

The 7 Biggest Marketing Mistakes Small Business Owners Make and How to Avoid Them

HELP DESK MANUAL INSTALLATION GUIDE

University of Hull Department of Computer Science. Wrestling with Python Week 01 Playing with Python

Creating and Managing Shared Folders

Gravity Forms: Creating a Form

Linking Access to SQL Server

Outlook Data File navigate to the PST file that you want to open, select it and choose OK. The file will now appear as a folder in Outlook.

Rochester Institute of Technology. Finance and Administration. Drupal 7 Training Documentation

How To Save Money On Voice And Data For Your Business

Designing an Identity Theft Prevention Program

How to Configure Outlook 2013 to connect to Exchange 2010

Android App Development Lloyd Hasson 2015 CONTENTS. Web-Based Method: Codenvy. Sponsored by. Android App. Development

Basic Website Creation. General Information about Websites

SharePoint 2007 Get started User Guide. Team Sites

BOOKKEEPING WITH COMPUTERS

Citrix for Mac Installation

Transcription:

HOW TO DECODE A WEB ADDRESS Does that link belong to Lehigh?

About this tutorial This quick guide is intended to make it easy for you to spot fraudulent web addresses, which frequently occur in phishing e-mail messages. It is not a complete guide to everything there is to know about web addresses the objective is simply to help you answer the questions where does this link go? and does it go to Lehigh (or to the place it claims to go)? To answer these questions, you just need to know where to look, and learn to ignore the stuff that s irrelevant.

Links: Where do they go? All links have two parts: The link text, which is what is displayed (often, but not always, this is in blue and underlined). The link address, which is the address of the page where the link will take you (you don t immediately see this). For example: Click here. (The link text is the word here ; the link address is http://www.lehigh.edu) It is important to note that the link text can look like a web address (we ll see an example shortly), but even if it does, link text doesn t affect where you go the link address does.

Links in email In an all-text email message, many browsers will automatically display any web address as a link (where the link text and the link address are the same). For example: http://www.lehigh.edu (the link text is the same as the link address). Phishing messages will exploit this fact to try to fool you they will often have links whose link text looks like a safe and familiar web address, but the link address points somewhere else.

Seeing the link address When you hover the cursor over a link (point, but don t click), the status area at the bottom of the window will usually display the link address. Hover here, over the link web address appears here This works in many email programs and web browsers.

Always check the address Remember: even if the part of the link that you see (the link text) looks like a web address, always hover over the link to check the actual link address; it might be different. Note: if it is different, that fact by itself indicates that the message is probably fraudulent. The point is, you don t need to click on a link to see where it goes.

Parts of an address A web address has several parts: the protocol, the server name, the path, the query string, the fragment identifier, and so on. domain this is the bit that matters http://www.site.com/~user/dir/subdir/file.htm#part?name=fred&id=6 protocol server path resource fragment query string However there is only one thing you really care about: does this link point to a web site that belongs to the organization it says it does? For this, what you need to know is the domain. This is the last part of a server name (for example, at Lehigh, this is always lehigh.edu).

The server name In a web address, the server is specified in the same place every time. It starts after the double slash ( // ) near the beginning of the address, and it ends at the very next slash. So, for example, in http://mysite.myco.com/bingo, the server name is mysite.myco.com. The domain in this example is myco.com. Since the domain is not lehigh.edu, this is not a Lehigh site.

Domain names Domain names indicate who the site belongs to. Universities and other educational institutions have domain names that end in.edu (Lehigh owns the domain lehigh.edu). Many corporations own domain names that end in.com (mcdonalds.com, bestbuy.com, homedepot.com). Domains ending in.gov or.mil are government or military, respectively. Domains ending in two letters (like.us or.ca) indicate countries (the US and Canada, in this case).

Domains and servers The server part of the web address contains the domain (always at the end). So Lehigh has servers like: portal.lehigh.edu coursesite.lehigh.edu cf3.cc.lehigh.edu Notice that they all end in lehigh.edu So a Lehigh web address might look like: https://confluence3.cc.lehigh.edu/display/ltscas/crashplanpro+backup+server

Examples of valid web addresses http://www.irs.gov/pub/irs-pdf/f1040.pdf (this is a link to a PDF of a tax form at the IRS the domain is irs.gov). http://www.dmv.state.pa.us/centers/vanityplate.shtml (this is a link to an information page at the Pennsylvania Department of Motor Vehicles the domain is pa.us) http://support.microsoft.com/ph/2514/en-us (this is a link to a Microsoft knowledge base item the domain is microsoft.com)

Phishing and web addresses A lot of phishing messages are very straightforward they don t expect you to check where the address goes. So many web addresses in phishing messages look nothing at all like what they should. Links that are supposed to go to Lehigh web sites don t even mention Lehigh anywhere. BUT, phishing message creators are getting cleverer, and they are starting to use web addresses that seem to be Lehigh-related, even though they aren t. As long as you are careful to check the domain, you can spot these too.

Trying to fool you In a phishing email message, link addresses may have extra information that is designed to try to fool you. For example, the server name may be extra long, and mention Lehigh (or even lehigh.edu!) near the beginning. But if the domain (the end) isn t lehigh.edu, it isn t a Lehigh site. Example: http://lehigh.edu.myform.myco.com/go.html the domain is myco.com, not lehigh.edu this is not a Lehigh address. (lehigh.edu is not at the end of the server name)

Dirty tricks Or something that looks like a Lehigh server name may appear, but not in the place a server name should. Example: http://site.myco.com/webmail.lehigh.edu/go.cfm again, the domain is myco.com, not lehigh.edu this is not a Lehigh address (the lehigh.edu is in the wrong place it s not in the server name at all). Example: http://site.myco.com/show.html?go=www.lehigh.edu once more, the domain is myco.com, not lehigh.edu

Dirtier tricks Or the domain may be almost lehigh.edu, but not quite. Example: http://services.my-lehigh.edu/gethelp.php the domain is my-lehigh.edu, not lehigh.edu (the parts are separated by periods and must match exactly). Example: https://portal.leigh.edu/secure/login.php the domain is leigh.edu, not lehigh.edu (spelling counts, and almost isn t good enough).

Read it right Remember: Only look at the server name (the part between // and the next /). Only look at the last part of the server name (something-dot-something). If it isn t lehigh.edu, it isn t a Lehigh site. (Likewise, if it isn t irs.gov, it isn t the IRS, and so on). Always check to see where a link points before you click on it. Stay safe.

Contact If you have questions, contact the Help Desk at 610-758-4357, or get in touch with me: Doug Reese LTS Help Desk 610-758-4357 dsr1@lehigh.edu

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information