Skip to content Skip to main navigation Report an accessibility issue
Information Security

Obscured, Obfuscated Links



Recently, researchers have discovered another technique cybercriminals use to steal your information. In this technique, cybercriminals use obfuscated links to show IP addresses like XXX.XXX.XXX.XXX, instead of websites. Obfuscated links are URLs that have been modified to hide the real location of a website.  

In this attack method, cybercriminals send an urgent email that appears to come from a legitimate source and prompts you to click on a link. The link seems legitimate, but hovering over it shows an IP address instead of a URL. Without a URL, verifying if the link is legitimate is nearly impossible. If you open the link in your browser, cybercriminals can download malware onto your device or redirect you to a malicious website.  

Follow the tips below to stay safe from similarscams:

  • When you receive an email, stop, and look for red flags. For example, watch out for emails with different reply-to and sender addresses. 
  • Before you click, hover your cursor overthe link. If it shows an IP address, it could be a phishing link.  
  • Be cautious of urgent requests. Cyberattacks are designed to catch you off guard and trigger you to click links impulsively.