Be careful what links you click on...
I have been teaching people how to avoid spam and malware in their emails for several years now. If you've followed my blog for very long, you know there are some key things to look for when identifying unethical links. The primary one is links that point to a URL other than the one expected.
You probably know by now that the text shown on a link does not have to be the URL of the link. For instance, www.cincinnatiwebs.com should obviously point to the website Cincinnati Webs: the TEXT matches the URL destination. But Visit My Website also points to Cincinnati Webs. So how can you tell without actually clicking? Many web-based programs have a feature that displays the URL when you hover over a link. Many web browsers and email programs have a Status Bar. Look under the TOOLS menu or the VIEW menu for it. The Status Bar is typically located at the bottom of the browser/program window. With the Status Bar turned on, you can hover your mouse over a link and see the URL the link points to. Try it now. Hover your mouse over the links above and verify that they point to the Cincinnati Webs site.
So an unethical link may point somewhere completely different than what you expect. For example, my wife received an email earlier this year that said it was from Bank Of America. It looked official and said that someone else had tried to log into our account so we should SIGN IN and verify that our account was okay... (did you hover over the link?) The link in the email wasn't so blatant as my example here, but I would have expected a legitimate link to point to a website something like "bankamerica.com..." Instead this one pointed to something like http://carlosramirez.com.br/campus2/BankOfAmerica.com. So, even though BankOfAmerica was in there somewhere, the main URL this link was pointing to was CarlosRamirez.com.br - NOT someplace I want to go to enter my banking login information.
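The same two checks, done on the message's HTML source instead of by hovering, as an added example that is not part of the original post. It reads each link's real destination, compares its host with any hostname shown as the link text, and flags a brand name that appears in the URL but not in the host; the brand-to-domain table and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed table of brand keyword -> the domain that brand really uses.
BRANDS = {"bankofamerica": "bankofamerica.com"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Hostname only (no path), lower-cased, leading 'www.' dropped."""
    if "://" not in url:
        url = "http://" + url  # link text such as 'www.example.com'
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def check_links(html, brands=BRANDS):
    """Return (href, reason) for links whose real host is not the expected one."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        host = host_of(href)
        # Link text that is itself a hostname must name the same host as the href.
        if "." in text and " " not in text and host_of(text) != host:
            findings.append((href, "text-host-mismatch"))
        # A brand name in the URL only counts if the host is that brand's domain.
        for brand, domain in brands.items():
            on_brand = host == domain or host.endswith("." + domain)
            if brand in href.lower() and not on_brand:
                findings.append((href, "brand-outside-host"))
    return findings

# Constructed sample message body, built from the links this post describes.
SAMPLE = """<p>Someone tried to log into your account. Please
<a href="http://carlosramirez.com.br/campus2/BankOfAmerica.com">SIGN IN</a></p>
<p><a href="http://www.cincinnatiwebs.com">www.cincinnatiwebs.com</a>
<a href="http://www.cincinnatiwebs.com">Visit My Website</a>
<a href="http://203.0.113.7/login">www.cincinnatiwebs.com</a></p>"""
```

Because it reads the `href` attribute directly, this check does not depend on what the status bar shows.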
Now, for some disappointing news... Hovering over the link is the easiest way, but not a guaranteed way, to see the true URL. It is possible to use JavaScript to display whatever you want in the status bar when hovering over a link, although many email programs can be set NOT to run JavaScript automatically.
But without getting a degree in rocket science, what can the average person do to avoid these unethical links? There are a couple of common sense tests everyone can use:
- Try the hover test. If the link points to a different URL, the hover test will show it most of the time.
- If the message doesn't make sense, be suspicious. (I don't have a bank account at Bank Of America, so how can my account be compromised?)
- If the message has a lot of misspellings or really poor grammar in it, then it may be from someone whose primary language is different than your own. Yes, my friends might misspell a word here or there, so keep that in mind, but the more misspellings I see, the more suspicious I become.
- If the message uses fear to get you to click, don't do it. (Your computer may be infected... click here for a free scan.)
- Especially with social networking, be reluctant to click a link sent to you - even if it's sent by a friend. UNLESS you're expecting it. (My friend went with me to Disney World and then posted pictures of it on Facebook, so his link saying "Disney World Pics" is probably okay. But an unrelated link from someone saying "OMG! You have GOTTA SEE THIS!" is one to avoid.)
- Emails from an official website (bank, store, credit card company, etc.):
  - If they don't know your name - then it's probably a scam. Most legitimate businesses will address you by name, NOT by 'Dear Client', or 'Dear Customer'.
  - If they tell you to click this link to log in - then it's probably a scam. Legitimate companies will tell you to go to the website and log in. But a link that says "Log In Here" is suspect.
- Keep your anti-virus software up to date. If you don't have anti-virus software, you should.
- If you're not sure about a link - DON'T CLICK ON IT.