NEVER CLICK THE LINKS!
Who knows where that link leads to?
You want to believe it leads to where the mail message text says it does. Like, maybe to your bank or workplace.
The way links work, unless you know how to take precautions, you may never know where it took you to.
Here is a link to a Visible Link.
Here's what the above link looks like when you look at the HTML source:
<a href="http://real-link.bad/">Visible Link</a>
(I hope there is never a ".bad" top-level-domain. But then, your browser might decide to add ".com" to it, too. Browsers really should not do that. Oh, yeah, I left out the target declaration, so it is a little easier to look at.)
That link could take your web browser to they guys who want to steal your money from your bank.
Or it could take you to a rogue server put together by your worst nightmare competitors to steal your company secrets.
Did you click the links?
Did you look at the error messages and the URLs in your browser window? (You haven't given your browser permission to hide the URL, have you?)
Not that rogue html code isn't able to overwrite what's in the URL field, anyway. (What? it can? Woops. That's right. It can. Oh, dear.)
I guess you should never let anyone you don't trust write you an e-mail message in anything but plain text.
Did you click the links?
Did you look at the error messages and the URLs in your browser window? (You haven't given your browser permission to hide the URL, have you?)
Not that rogue html code isn't able to overwrite what's in the URL field, anyway. (What? it can? Woops. That's right. It can. Oh, dear.)
I guess you should never let anyone you don't trust write you an e-mail message in anything but plain text.
======
Yes, it's an inconvenient rule.
Wearing clothes when you leave the house may sometimes feel like an inconvenient rule, too. Or refraining from sex with complete strangers, if you want a better metaphor.
======
There was a time when it was a rule for banks and financial institutions to never put links in e-mail. Unfortunately, convenience won out and practically "everybody" is doing it these days.
So, what should you do?
One thing that might help, if you are not into trying to read e-mail raw source text:
- Right-click the link and copy it. (Select "copy URL" or "copy link" from the pop-up menu.)
- Launch a text editor.
- Paste the URL into the text editor and look at it.
- Does it looks like it should?
- If you don't know what the URL should look like, look up the company or bank with your favorite search engine (google, or whatever).
- If it looks like a valid URL, paste it into the URL field in your web browser, and hit enter.
- web.mit.edu Massachusetts Institute of Technolgy's main pages
- home.byu.edu/home Brigham Young University's front door
- www.citi.com Citibank's primary pages
- www.paypal.com Pay Pal's primary pages
Look up the companies you work with. Pay attention to their URLs.
And never directly click the links in e-mail.
[JMR201704211122: addendum]
There are other problems with URLS that I didn't discuss above. You will want to read this, as well:
http://defining-computers.blogspot.com/2017/04/the-problem-with-full-unicode-domain.html
[JMR201704211122: addendum]
[JMR201704211122: addendum]
No comments:
Post a Comment