How Do I Know What Website I'm Really Visiting?

Notice in the image above, when the mouse hovers over the link the URL is displayed at the bottom of the web browser. Hovering over a link, even one where the URL is spelled out, can be useful in figuring out if the link is okay to click.

Hover your mouse over the link below. Is the address in the text the same as the URL it is pointing to?

http://safe_and_friendly_company.com/login

Notice that although the text shows a safe URL, the link is actually programmed to go to a different URL. This is a big red flag!

Understanding the construction of a URL is your most important defense against phishing attacks. If you're confused by a URL, it's best to ask someone for help to determine if it's safe to click it!

1. URLs have domain extensions. They are located after http:// and are right before the first single-slash /. In the following example, the domain extension is .edu: http://www.fullerton.edu/it
2. Each URL has a domain. The domain is located after the http:// and before the first single-slash / and they include the domain extension. In the following example, the domain is fullerton.edu: http://www.fullerton.edu/it
3. Each domain has a hostname which can be confusing. The hostname of a URL is all of the left most pieces of a full internet address if there are more than 2 parts to the address. If there are only 2 parts of the address, then the hostname is equivalent to the domain name. In the following example, www.fullerton.edu is the hostname as well as the domain name: http://www.fullerton.edu/it. In this next example, the hostname is training.fullerton.edu: http://training.fullerton.edu.
4. Be careful! URLs can be tricky.
5. Ask yourself: does my company own this domain?
6. Examine the URL in the link's destination; ignore the link's text!