THE RED FLAGS OF
R GUE URLs
Spotting malicious URLs is a bit of an art. The examples represented here are some of the common tricks used by hackers and phishers to fool users into visiting malicious websites. The methods shown here could be used by legitimate services, but if you see one of these “tricks” you need to make sure you’re dealing with the organization you think you are.
Domain Mismatches
Look-a-Alike Domains Domain names which seem to belong to respected, trusted brands. Slight Misspellings
Microsoftnline <v5pz @ onmicrosoft . com>
Human Services .gov <Despina . Orrantia6731610 @ gmx . com>
https : // www . le-blog-qui-assure . com/
Strange Originating Domains
www . l l nked in . com Brand name in URL, but not real brand domain
ee . microsoft . co . login-update-dec20 . info www . paypal . com . bank / logon? user= johnsmith @ gmail . com
MAERSK <info @ onlinealxex . com . pl>
Overly Long URLs
ww17 . googlechromeupdates . com/ Brand name in email address but doesn’t match brand domain
Bank of America <BankofAmerica @ customerloyalty . accounts . com> Brand name is in URL but not part of the domain name
devopsnw . com / login.microsoftonline . com?userid=johnsmith
URL Domain Name Encoding https :// %77%77%77.%6B%6E%6F%77%62%654.%63%6F%6D
URLs with 100 or more characters in order to obscure the true domain.
http : // innocent website . com/irs . gov/logon / fasdjkg - sajdkjnd fjnbkasldjfbkajsdbfkjbasdf/adsnfjksdngkfdfgfgjhfgd/ght.php
File Attachment is an Image/Link It looks like a file attachment, but is really an image file with a malicious URL.
INV39391.pdf 52 KB
Open Redirectors
Shortened URLs When clicking on a shortened URL, watch out for malicious redirection.
https : // bit . ly / 2SnA7Fnm
https : //d. pr/free/f/jsaeoc Click or tap to follow link.
URLs which have hidden links to completely different web sites at the end.
t-info . mail . adobe.com /r/ ?id=hc347a&p1=evilwebsite .com
© 2021 KnowBe4, Inc. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies. 01DSSB34R01
Travel & Tourism Motorcoach Familiarization Tour By Amy Larsen, Wyoming Office of Tourism The week of Sept. 13, the Wyoming Office of Tourism (WOT) hosted three qualified motor coach companies on a 1500-mile familiarization tour along the Salt-to-Stone and Rockies-toTetons route. In all, they met with more than 30 partners including restaurants, lodging options, attractions, local artists and museums. The overwhelming reaction was “I had no idea how much more Wyoming had to offer!” They all were eager to start working on new and extended itineraries that will most likely begin in 2023. What became known as the “Wyoming Rendezvous Tour” started 52 million years in the past in the Fossil Basin area and then spent the majority of the time exploring the history of the
Mountain Man, Rendezvous points, Native Americans, emigrant trails and wildlife as they circled the Wind River Mountain Range. The stories told along the way fascinated the tour operators as they recounted them often and connected them to the other stops. The scenery of course left them speechless and wanting to return. The tour operators were selected through meetings held at ABA and NTA, as they had expressed interest in growing their Wyoming itineraries. While the motor coach industry has been very active in Wyoming this summer, WOT intentionally kept this familiarization small, knowing additional tours would be held in the future in other areas of the state. n
November 2021
n
Interchange 11
