Links: Some are trustworthy; others steal data or spread malware. Identifying which are legitimate and which are malicious is a vital part of security and can be accomplished by closely inspecting the website URL in the link. Here’s how to do that on traditional computers and mobile devices:
The Hover Over (Traditional Computers)
What it is: The process of hovering your mouse pointer, or cursor, over a link.
What it does: Reveals the full URL of links that are embedded in text, logos, and other icons.
What it accomplishes Helps you identify links that have been manipulated by cybercriminals. For example, a button that says “log into account” might direct you to a malicious website, but you wouldn’t know that without hovering.
The Long Press (Mobile Devices)
What it is: The process of pressing and holding links on mobile devices like phones and tablets.
What it does: Since mobile devices don’t have a mouse, the long press achieves the same thing as hovering a mouse pointer or cursor.
What it accomplishes: Allows you to confirm the legitimacy of any links you may encounter on your mobile device, such as in email or other forms of communication.
As a best security practice, you should always hover your mouse over links when using a traditional computer. But should you always use the long-press method when on mobile?
Unfortunately, the long press works for some apps and some devices, but not all apps on all devices. Furthermore, an attempt to press and hold a link could accidentally turn into a click, which could turn into a security incident.
What should you do instead?
1. Think before you click or long press, no matter what device you’re using.
2. Wait until you have access to a traditional computer so you can use the hover method.
3. Stay alert for common warning signs, like threatening or urgent language and bad grammar.
4. Always follow policy and report all phishing attacks immediately.