top of page
Search

How to recognize phishing by simply inspecting a link

Phishing would be instantly identifiable if we knew how to identify the primary domain within the URL (Uniform Resource Locator) we receive in the phishing message itself. The problem is that it's not always easy to detect, and attackers look for similar, long, or confusing domains to trick us into believing the link is legitimate. But they'll never be able to copy identical ones . This is where your strength lies: being able to distinguish them.


Once you learn how to find the primary domain with this post, all you have to do is compare it with the legitimate one you can find on the official website. If it's identical, the link is secure, but if it varies, even by a single comma, it's phishing. It's that simple.


Let's break down the structure of a URL by color so you can easily recognize the main domain. A URL is made up of different parts, and the main domain is one of them. Here's how to identify it:

Estructura Básica de una URL por colores
Una URL típica se compone de 5 partes:
https://subdominio.ejemplo.com/ruta/archivo?parametro=valor

  1. Network Protocol in BLACK : The first part is the protocol, which is usually `http://´ or `https://´ for secure connections.

  2. Subdomain (optional) in BLUE: A subdomain can precede the main domain, such as `subdomain.example.com`. A common example is `www`, but there may be others such as `blog`, `store`, etc.

  3. Primary Domain in RED : This is the main part of the URL and what we are looking for . In the example ` example.com ´.

  4. Path (optional) in GREEN: After the main domain, there may be a path that indicates a specific page or file, such as `/path/file´.

  5. Parameters (optional) in PURPLE: Parameters typically follow a question mark (`?`) and are used to pass additional information, such as `?parameter=value´.


Identification of the Primary Domain

To find your primary domain, follow these steps:

1. Protocol : Ignore the protocol (`https://`).

2. Subdomain : Ignore any subdomains that may precede the main domain.

3. Main Domain: The main domain is located just before the first `/` after the protocol.



Practical Examples

  1. Full URL: ` https://www.example.com/path/file`

    Domain Main: ` example.com ´


  2. Full URL: ` https://blog.example.com/article`

    Primary Domain: ` example.com ´


  3. Full URL: ` https://secure.banco.com/login`

    Main Domain: ` bank.com ´


  4. Full URL: ` https://subdomain2.subdomain1.example.com/path`

    Primary Domain: ` example.com ´


  5. Full URL: ` https://www.secure-banco.com`

    Main Domain: ` secure-banco.com ´



Additional Tips


  1. Protect your devices with professional solutions like those provided by ironGate. They'll be able to block the vast majority of phishing attacks you receive in real time.

  2. Avoid subdomains: Subdomains like `www` or any other domain before the main domain should not confuse you.

  3. Never visit sites that don't have https . HTTP connections (without the last s) are not secure and can be easily intercepted. Always check that your browser has a padlock in the URL. This means your connection is encrypted.

  4. Beware of deceptive URLs: Some cybercriminals use subdomains or similar domains to try to trick users. For example, ` secure-banco.com ` in example 5 might look legitimate, but it isn't. The "-" is part of the domain, so in this specific case, the main domain wouldn't be banco.com but secure-banco.com .

  5. Use online URL checking tools such as VirusTotal .

  6. If you have any questions, ask the AI. It will respond with the correct domain, and you can compare it with what you should expect.


Now that you know how to identify phishing by inspecting a link, you're one step closer to protecting your data and your online security. Always remember to analyze the details of a URL and share this knowledge with those who need it most.

Was this article helpful? Let me know what you think in the comments! If you have specific questions about a URL or need help with any cybersecurity issue, don't hesitate to write. I'd love to help!

And if you found this content interesting, share it on your social media so more people can learn how to protect themselves from online scams. Digital security starts with education!


 
 
 

Comments

bottom of page