Keeping clients' computers safe and profitable for over 30 years

How to Decipher Links

Normal Ones

• https://ca.secunia.com : This is a secure link: https to the ca server in the secunia.com website. The https means a secure connection which is encrypted. the last name before the .com is the main server. Earlier names (ca in this case) are sub-servers within that site.
• http://www.amazon.com/gp/offer-listing⁄B0001V2N62/ref=dp_olp.... The http://means a standard, not a secure connection to somewhere, in this case amazon.com. The stuff after the .com are the folders within that server at amazon. Sometimes a ?=... or ref=... indicates giving search parameters to a search engine. But it would still be within Amazon. You really do not need to worry about the folders beneath the final .com address.
• Sometimes the link is embedded, so for instance they might say "go to our corporate website", with the link being embedded in the words Corporate Website. If you hover over those words and they say something like: http://corp.jones.com then you can assume it is going to the corp server within the jones.com network.
• https://maps.google.com/- This links to the maps server within the google network. https indicates a secure connection.
  
• http://www.oregonlive.com/blazers/: The blazers folder in the OregonLive domain.
  

Possible Traps

• Http://rs6.net⁄tn.jsp?t=g5itc8bab.0.enh9d8bab.ourfozbab.95&ts=S0222&p=http%3A%2F%2Fwww.SiteAdvisor.com This odd link is what links look like in MY newsletter, and it looks fishy. The link says it was going to siteadvisor.com, which is a legitimate site, but look what it really does! First you can see that it starts off going to rs6.net - Which you have no way of knowing is the service that sends out my newsletters. Then it goes to ⁄tn.jsp and sends a ?t= query along with a detailed specification. Then it forwards you on to www.siteadvisor.com . This even made me nervous! What is happening is that my newsletter sending service tracks the links that get clicked so I can get reports showing which articles have information you pursue. I am then able to write more articles that are getting interest from my clients. If I write an article with a link which no one clicks on, then I should write less of that sort of stuff. When a link gets a big response, I figure you want that kind of stuff. For example, I'm interested this month in how many of you follow the IMDB link to check it out that entertainment, and how many check out the Secunia and FileHippo security services. However, unless you trust me, you should not click on links that send you somewhere you don't know before sending you on to what it says!
• This one said Lending Saver offering to give me a free mortgage quote. The ip address I saw when I hovered over it was: 
  
  
  
  I was being offered a mortgage quote from a folder at hayfevervaccines.com - Not one I would want to click on.
• An email greeting card company had this link:
  
  
  
  The point of using the actual IP address instead of the website was to camouflage who it was really from. I looked it up, and they are not a legitimate company. This was from a large ISP so the address was probably a personal computer hijacked and turned into a zombie robot to serve an evil master. A client sent me a similar email from a Comcast customer, also probably a hijacked computer.
• I just got a Bank of the West phishing scam email with this apparent link:
  
  
  
  
  
  however when I hovered over it, I found it really linked to
  
  
  
  
  Notice that after bankoftehwest.com it has dll.hk. So we know that the real server is not bankofthewest, but dll.hk. .HK is the top level domain for Hong Kong. I looked dll.hk up in a whois search and found this: