The Truth About Clicking Links in Email and What To Do Instead
- Posted by: Adriene Hall
- Feb 25, 2019
- 3 min read
You’ve heard it a bazillion times: “Don’t click links in email!” That’s usually for a very good reason. This is by far one of the biggest ways we see clients get bitten. But what makes email links bad? What’s the worst that could happen if I do click one? This topic is cloudy for most people, so let’s break it down once and for all.
How Email Links Work
Nothing new, right? So where is this link going to take you? It can be hard to tell. This particular link will take you to Google. But what about this next one?
This link takes you to Google as well. Why? Because the HTML code I made in the background told it to. You can never tell where a link will take you based on what it says. That goes for pictures and buttons, too.
This is an official PayPal button, but it’s only an image (a “picture”). I can make it link anywhere I want. If you click this button, it actually goes to a special page I created.
What Are The Dangers of Email Links?
Phishing
Phishing is the term for sending emails (considered the bait) with a link to a fake website. Once on the site, the user is tricked into giving sensitive information. For example, the link takes you to a fake site that looks like your bank, and you try to log in with your username and password. The bad guy has now captured your login info. And if he’s clever then it would redirect you to the real site afterward. You’d probably be none the wiser.
For an ongoing list of phishing alerts, check out FraudWatch International’s page.
Malware or “virus” downloads
The link may take you to a website that infects your computer with malware like ransomware or a keylogger (a “virus” that captures everything you type into your computer like passwords and credit card numbers). Or it might even download the virus directly without going to a web page. Malicious web pages are the most common way that we see computers get infected.
Which Email Links Can I Click?
Well, if you don’t click any of them you won’t have a problem. But that’s not realistic. Very few people will ever take that advice. The good news is you don’t have to. I suggest treating links like attachments. Only click it if you’re expecting it.
Examples of when to click:
You just ordered something from Amazon. Feel free to click the shipment tracking link in the email they send you. Just make sure it’s exactly what you’re expecting. If you get a tracking link that you weren’t expecting, or for a product you don’t recognize, delete the email right away.
You just signed up for an account on a website. If they send you a link to confirm your email address, it’s okay to click it. But again, make sure it’s exactly what you’re expecting and you specifically remember requesting it.
Examples of when NOT to click
You get an unexpected email from your bank. Maybe it says that you need to log in and take care of something important. Don’t click the link they give you. If you didn’t know it was coming, there’s no guarantee it’s a legitimate email.
Your friend sends you a link that you weren’t expecting. Don’t click it. Remember, the sender’s address can be spoofed or their account hacked. Yeah, I know, this is all awfully annoying, so is there anything else we can do?
Comments