• Your IP: 3.230.144.31 (VA, United States)
  • Your ISP: Amazon.com
  • Your Status: Unprotected
  • Get Protected

August 19, 2021

How to Spot a Fake URL

Posted by

Every piece of content on the internet is found through a URL. In fact, without URLs, we would never be able to navigate the web. While most URLs are perfectly safe and take you exactly where you expect them to, scammers are increasingly making use of a fake URL or two to compromise your safety and privacy online. Thankfully, you can protect yourself by learning how to spot a fake URL. Here’s an in-depth look at what URLs are and how fake ones put you at risk:

  • What is a URL?
  • Why do fake URLs exist?
  • Where are they most commonly found?
  • What happens if I click a fake link?
  • How to identify fake links

What is a URL?

The acronym URL stands for “uniform resource locator.” You use URLs every time you visit the web. They’re actually one of the core building blocks for the internet and, without them, it would be almost impossible to navigate the enormous amount of content online. Before URLs were created, every website online was essentially assigned a number. You had to know the number of the website you wanted to visit in order to navigate to that site. 

However, as the web grew, knowing and remembering each unique number became an enormous challenge. In addition, searching the web for new websites was incredibly difficult. To solve this problem, URLs were created. Essentially, a URL is the written name assigned to every unique element, or resource, online (a “resource” may refer to entire web pages, or may only apply to a single photo or document). These addresses were much easier to remember and share, and they made it possible to index websites online, which made them searchable with tools like search engines, based on a few simple keywords.

 With the URL system in place today, if you want to visit Google, you simply type the URL google.com and can be on the site in a matter of seconds.

Why Do Fake URLs Exist?

Considering the fact that URLs make the world (wide web) go round, it seems as though it would be counterproductive to create fake ones. However, that doesn’t stop them from being created. So why do fake URLs exist? There are three main reasons.

  1. In some cases, although you may think a URL is fake because it doesn’t open to a functioning web page, it may actually just be leftover from old content. There are instances where the content on a web page is deleted but the URL remains active. These cases are not generally considered dangerous, although they can be annoying.
  2. Cybercriminals are behind the other two most common reasons for fake links. In the first case, if they convince you to click a fake link, they may be able to infect your device with malware. Malware may generate spam, lock your content, slow your device, or use your device to infect others. Some malware is created with the intent to cause as much damage as possible. Other forms are created to generate money; if you want the malware removed from your device, you have to pay the criminal an exorbitant fee.
  3. Cybercriminals may also create realistic-looking URLs to trick you into inputting your personal information on the resulting web page. This information may include things like your name, address, credit card number, banking details, passwords, and more. Once handed over, the criminal uses this information for their own gain (usually financial).

Where are Fake Links Most Commonly Found?

Although fake links are becoming more and more common online, that doesn’t mean you’ll run into them everywhere you go. There are a few places on the web where they’re found more commonly than others:

  • Emails. Cybercriminals have become experts at making scam emails look convincing. These emails will ask you to click a link for an urgent matter but, if you do, you might be taken to a website asking for your information or you may initiate the download of a virus.
  • Ads. Some ads, especially pop-up ones, contain links to URLs that will steal your information.
  • Torrenting sites. If you use shared peer-to-peer networks, you should be careful. They’re a hotbed for hackers who can take advantage of lax security protocols and monitoring to share fake URLs disguised as real content.
  • Social media. Some cybercriminals make use of bot accounts on social media websites. The main purpose of these bots is to convince users to click links in statuses, comments, and private messages. 

What Happens if I Click a Fake Link?

If you accidentally click a fake link, there are a few things that may happen. Some are more obvious than others:

  • Your device will initiate a download. If you click a link and your device immediately starts downloading a file you don’t expect, or prompts you to accept a download, this might be a sign that you clicked a fake link. In most cases, these downloads install malware (which may be a virus, ransomware, ad/spamware, etc.).
  • You’ll be taken to a website asking for your information. For example, a cybercriminal may send you a fake email designed to look like it’s from your bank. This email may tell you that you must sign in to your bank account immediately to prevent a security breach and provide a link to do that from. If you click this link, it will look like the login page for your bank account but, really, the cybercriminal will just be collecting the information you type into the text boxes.
  • Your accounts will start sending fake links to other people. This is an especially common trick on social media. One person clicks a fake link designed by a cybercriminal. Then their account begins sharing that link with their connections. Those connections then click the link in turn, thinking it safe because it was sent by a friend. It continues to spread in this way, often unbeknownst to you.

How to Know if a Link is Fake

The problem with fake URLs is that they don’t look fake. In fact, it can be incredibly difficult to distinguish between a real URL and a fake one, even when you’re actively looking. The best way to protect yourself online is to remain vigilant online and to treat all links you didn’t deliberately seek out with suspicion. These tips can help you distinguish between a real URL and a fake one:

Check Shortened URLs for a Fake URL

Some URLs are really long and very sloppy to look at. In some cases, that may lead to businesses or individuals shortening a link to make it look nicer. This is usually done with a tool like Bitly. However, shortening a link often changes the URL so much that you can’t tell where it leads to. If you click it, you may accidentally let malware in, or your data out, without even knowing it. So, before you click, do some digging. There are websites available (like Unshorten.It) that will probe a shortened link and tell you where it goes without actually opening it.

Look for Misspellings

Sometimes, a link may be sent to you from an email posing as an organization or person who may actually reach out to you. They most commonly copy businesses with mailing lists or banking/financial institutions. Before you click the link, scan it for misspellings. If you routinely shop at realbusiness.com but the link says realbasinuess.com, stop there. It’s almost definitely a fake link that you don’t want to click. If the link is spelled correctly but you’re still suspicious, move to the next step.

Pro tip: Even if a link looks good, if the email itself has a lot of spelling mistakes, it might still be spam! Check out our article about detecting a variety of scams.

Keep an Eye Out for Extra URL Words

Another common trick to misdirect you into thinking a fake link is real is to add extra words into a URL. For example, realbusiness.com becomes realbusiness.com.extrawordhere.com. This is a more nefarious way of tricking you because real websites do modify their URLs to differentiate between pages. If you still aren’t able to ascertain whether or not a link is real, don’t click it.

Contact the Organization

The most surefire way to know if a link is real or not is to contact the business that (supposedly) sent it. Don’t use any information in the same email as the suspicious link (since they’ll use their own) but instead find contact information on the real website of the business in question. You may have to wait a day or two to receive a response about the link, but it’s better to wait than to regret hastily clicking a bad link.

Think Before You Click

When you receive a link, think before you click it. Is it coming from someone who wouldn’t normally send you links to things? If the person you haven’t spoken to since high school sends you a link to purchase sunglasses out of the blue, it might be a scam. Same with the clothing company you haven’t purchased from in five years sending you a link and claiming there’s a problem with your account. Of course, these links may be perfectly harmless but if they seem suspicious, dig a little deeper before deciding to click.

Avoid Buttons

Unfortunately, with good web design, it’s easy to hide a fishy link behind a flashy button that says something like “Sign In,” or “Buy Now.” Regular text can also be turned into buttons, like this button that takes you to our website. The problem with buttons like this is that you can’t easily prove they’re taking you somewhere. If you want to follow a link hidden behind a button or piece of text, the safest way to do so is to right-click over top of the link and select “Copy Link URL/Address.” From there, you can paste the full link into a safe document to inspect it before deciding whether or not to visit the website it leads to. 


Fake URLs don’t have to ruin your online experience. By understanding what they are, where they’re most commonly found, and how to spot fake links, you can protect yourself. Following these steps will help make sure you stay safe and private online. 

Posted by

More Blog Posts

Stay Private on Social Media

September 16, 2021

Privacy Tip of the Week: Stay Private on Social Media

As of 2021, roughly 3.78 billion people were on social media. Within the next five years, that number is expected to climb well above 4 billion. And is that a surprise? Simply put, no. Since their inception way back in 1996, with a platform called Six Degrees, social media has come to dominate the world, […] Read more
Strong Password

September 9, 2021

The Best Way to Create (and Remember) a Strong Password

Passwords are the gatekeepers of our data on the internet. They protect (or should protect) every online profile you make, along with the information in it. But do you really know how passwords work? For most people, all they know, and all they feel they need to know, is that they type a username and […] Read more
How to Stay Connected (While Disconnecting from Social Media)

September 2, 2021

How to Stay Connected (While Disconnecting from Social Media)

Social media is everywhere. It comes in the form of Facebook, Twitter, Instagram, Snapchat, LinkedIn, TikTok and thousands of other platforms. It helps connect people and communities around the globe and some platforms boast billions of users. While social media has its benefits, it also has a few drawbacks. Because the deficits of social media […] Read more

Grab the limited deal now!

Our best price ever! Get HotBot VPN for 70% off today. Our app can be used on up to 6 devices at a time, doesn't limit speeds, and increases security and freedom when using the internet.

1 Year Plan

{{ trialPrice(0) }}

Save 30%

{{ plans[0].oldPrice }} {{ plans[0].formatPrice }}

Billed every year.

6 Month Plan

{{ trialPrice(1) }}

Save 20%

{{ plans[1].oldPrice }} {{ plans[1].formatPrice }}

Billed every six months.

1 Month Plan

{{ trialPrice(2) }}

{{ plans[2].monthPrice }}

Billed every month.

Get the HotBot VPN Mobile App.

Download our apps for iOS and Android