Hyperlinks Flashcards
Hyperlinks
A hyperlink is a webpage URL that is embedded into text, a button, or an image. When clicked, it will open the recipient’s default browser, and navigate to the webpage for them. Hyperlinks are used when the attacker wants to direct the target to web resources, such as a malicious file download, a page with a fake login portal acting as a credential harvester, or other content as part of their phishing attack. Hyperlinks can be coupled with additional techniques such as redirected targets to a typo squatted domain or using URL shortening services to disguise the true destination of the link. It is important that employees are trained not to click on suspicious links, and security teams should always be cautious when analyzing and handling phishing emails, as one wrong click can lead to an infected system. Later in this domain, we will cover how to protect employees from malicious links, within the Taking Defensive Measures section.
But why is something that seems so simple, so effective? This is because almost all emails contain links, so people are used to seeing them, and clicking on them! Attachments are more uncommon which is why they often raise more suspicion. Hovering over text or an image that is hyperlinked will often reveal the URL that will be visited if it is clicked. If not, the email can be opened in a text editor and the URL can be safely retrieved by looking for HTML anchor tags <a> </a>. A friendly reminder that phishing emails should only be analyzed and opened in a virtual machine or on a “dirty” system.
Example Walkthrough
Looking at another PayPal-themed phishing email, we can see that the hyperlinked button definitely isn’t taking us to PayPal.com.
Opening this email in a text editor, we can find the HTML body content, and identify where the hyperlink is. Below we will explain how hyperlinks actually work using HTML anchor tags.
If we wanted to use HTML to hyperlink the word Google to Google.com, we could use the following HTML code:
<p> Need to access Google? <a> Just click this text! </a></p>
<p> Paragraph tag declares that we want to print text to the screen.
“Need to access Google?” Non-hyperlinked text.
<a> Anchor tag used to hyperlink anything between the opening anchor tag and the closing tag </a>, and states the address to link.
“Just click this text!” Hyperlinked text.
Closes the hyperlink.
</p>
Closes the paragraph.