Link Buildiing

Scams improves, phishers have had to come up with inventive new ways of fooling individuals into falling for their scams. One of the most common ways of doing this involves link manipulation. Although sometimes tricky to spot, arming yourself with knowledge of these techniques goes a long way in preventing yourself from falling for even the most sophisticated scams.

What is link manipulation?

Link manipulation involves disguising the link of a fraudulent website in such a way that it appears to be the link for the real website. This trick is central to many internet phishing scams.

Even basic phishing campaigns involve embedding the link to the fake website in an email which is masquerading as an email from a legitimate company. The email includes a fake message crafted by the hacker, urging the user to login to the account via the embedded link due to some unspecified issue with their account. When the unsuspecting victim clicks this link, they are brought to a page which asks them to input their login details as usual. By doing this, they unwittingly give their login details to the fraudster, who can use them to commit fraud and identity theft.

Most Internet users are now aware of the signs of a phishing email — even those who are not Internet-savvy know to look at website URLs to check if they are legitimate. However, as consumers have become more aware, phishers have responded by becoming more crafty in the way they deceive people.

Here is an overview of some of the most common link manipulation techniques employed by phishers attempting to fool their victims:

Hiding the URL

The scammer may simply hide the URL in the text of the email. The hypertext may be written so that it looks like it is the legitimate website in question, but when it is clicked on, it brings the user to another website masquerading as the real company. The user may reveal the actual fake URL by hovering the mouse about the link, such that the real destination website appears in the popup window.

However, some sophisticated scammers use JavaScript to place a picture of a legitimate URL over a browser’s address bar. The URL revealed by hovering over an embedded link can also be changed using JavaScript. This trick makes it difficult for even the savviest of users to distinguish between real and fake sites.

Link shortening

Link shortening is a common way of directing victims to a malicious website. There are many services online which perform this service, such as or Tinyurl. Victims then have no way of knowing if the shortened URL directs them to the legitimate website or one created by the phisher until they follow the link.

URL Redirection

Another phishing tactic relies on a covert redirect or open URL redirection. This technique is where an open redirect vulnerability fails to check that a redirected URL is pointing to a website which may be trusted by the user. The redirected URL acts as a malicious intermediate which acquires authentication information from the victim before forwarding the victim’s browser to the legitimate site. This type of threat is rarer and only used by the most sophisticated of phishers. Still, users should be aware of this technique.


The easiest way to avoid being a victim of phishing due to link manipulation is not to follow the link embedded in an email. Instead, search for the website in question in a new tab, and log in through that website. If there legitimately is something wrong with your account, you shall be informed when you log in.