[ExI] Phishing URLs

Chris Hibbert hibbert at mydruthers.com
Wed Aug 22 03:36:56 UTC 2007 

> 1. when posting links, try to go to the web page
>    (wherever you found it), and copy the URL that
>    appears in your browser window, instead of the
>    potentially dangerous extended link
> 2. when about to click on an html posted link,
>    like appeared in that email (below), examine
>    where the link really takes you before clicking
> 3. avoid posting in HTML items such as the underlined
>    "The Enthusiast" below, and post instead a string
>    beginning with "http://" that takes you somewhere
>    you'll gamble will be safe.
>  
> Are these right?
>  
> Lee

Roughly right.

1. When posting links, I go somewhat overboard.  In addition to cutting 
out the redirections through unnecessary sites, I often experiment with 
cutting off trailing cruft to find a url that won't be folded by mailers 
that think they know how long lines should be.  For instance, a simple 
web search produced this:

http://www.google.com/search?q=The+Enthusiast+by+David+Ewing+Duncan&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

Which encodes lots of information about *my* configuration and 
preferences, but is completely irrelevant to the search or your display 
of it.  It looks like the prefix contains all the interesting info, so I 
send only this:

http://www.google.com/search?q=The+Enthusiast+by+David+Ewing+Duncan

after verifying that it produces the same results.

(The general rule is that stuff following ampersands in URLs is usually 
parameters of some kind.  They aren't all useless by any means, but 
there's a lot of noise there.)

2.  My mail UI (Thunderbird) displays the expanded link in the window 
border.  It also usually posts a warning when link text displays a 
different URL than that linked to.  (The warning isn't prominent 
enough.)  If the visible link is different, I often copy and past the 
visible text to Firefox rather than clicking on the link.  Anything less 
than this is definitely hazardous to your security in several ways.

3.  good suggestion.

Chris
-- 
C. J. Cherryh, "Invader", on why we visit very old buildings:
       "A sense of age, of profound truths.  Respect for something
       hands made, that's stood through storms and wars and time.
       It persuades us that things we do may last and matter."

Chris Hibbert
hibbert at mydruthers.com
Blog:   http://pancrit.org

More information about the extropy-chat mailing list