Steem Tutorial- How to Detect the Real Address of a URL before Clicking | Fighting Phishing Attacks (Practical Steps)

Introduction

Your interaction in the crypto ecosystem should be well guarded by paying attention to some important things so that you don't fall victim to unfortunate incidents. We have some bad actors that have indulged in preying on innocent users through links, it doesn't always end well if you allow them to take control due to ignorance. I have a piece to share with you today, friends.

---

_{Designed with Canva utilizing a Free Image from Pixabay}

---

Phishing Links in the Steem Ecosystem

Phishing is one of the attacks in the crypto ecosystem targeted at vulnerable users and anyone can be a victim if one is not quite cautious. Phishing attacks can come in different ways or can be utilized via different methods like reward phishing, clone phishing, impersonation phishing and so on.

These methods of attacks I have highlighted above involve the use of links to lure users to clicking in expectant of some goodies, such that the attack is achieved. I have written about some of these attacks before, you can read more about them below.

• Scams in the Crypto Ecosystem (Part 2)- Phishing and Dusting Attacks | (#burnsteem25)
  

In the Steem ecosystem, we have these bad actors all around sharing links to get people that would fall victims, remember in the crypto ecosystem, he who has the private keys to an account has full control over it, as such it's been emphasized that users should keep their keys very safe from other people.

The scammers here on Steemit would share links with you (maybe in your comment section) with the sole aim to lure you to click so that they can take control.

And when the attack is successful, they don't only cart away your assets but also utilize your account to spread the attack to many other users out there, it also affects your credibility in the long run because people might not know who is actually behind the attack at the initial stage.

That being said, it's very possible to recover your account but consider the losses it might have incurred before you get help to recover the account, as such, don't just click on random links on Steemit.

---

Where would you be Redirected?

Instead of trusting a link shared to you by a friend which might push you to blindly click on them, it is necessary to be sure of where that link is going to lead you. The fact is that phishing links are not always plain where you'd realize they are actually fake through the address, they are in some cases embedded in texts and that's dangerous. We would be talking about two methods to check the actual address of a link before visiting.

---

1. Copy the Link Address

The address of a link shared with you can easily be copied to see if the link belongs to any credible websites or not. Let's take some examples below:

• For instance, you have me commented on your article informing you about my publication about some scams in the crypto ecosystem as you are shown below,

_{Link Embedded in Texts}

• Before clicking on the link, there is a way you can see the address embedded to ensure you are doing the right thing. On your web browser, you can right-click to copy the address and paste it into a notepad to see the actual address and on a mobile browser, you can do the same by tap and hold on the link to copy the address, let's see the result below:

_{Copy Link Address}

• In the process of enquiring about the link above, you can see that the address was shown a bit (maybe not in full) and with the copy address, you can see all details when you paste it into your notepad to ensure you are visiting a credible website.

This would help you to a large extent to keep off phishing attacks. Now we would be looking at another scenario, where I would be embedding another link entirely in some texts to lure people to visit. See the texts below:

• Scams in the Crypto Ecosystem (Part 2)- Phishing and Dusting Attacks | (#burnsteem25)- Steemit
  

From the texts (link embedded) shared above, I have just informed you about an article I have written on Steemit about certain attacks. If you had seen this in your comment section, you might be willing to visit the article, technically, I have embedded another link entirely. If you tap and hold to copy the address then you would get a revelation of what we have in there.

_{A YouTube Link was embedded instead of Steemit's}

You can see the kind of illusion I had created for my audience, scammers can also utilize the same method to mislead users and get their aim satisfied in the process, if you have not tried copying the address, you'd end up on a website you have no intention to visit.

---

2. Short URL Enquiry

Short URL is another method often utilized by scammers to hide the main address behind a link shared with you, I consider this more dangerous than links embedded in texts because it cannot be easily detected as you don't have enough information about the link and you might be so curious to visit to learn more.

It's dangerous to visit such links without proper investigation, tools like TinyURL, bit.ly and so on, can be utilized to shorten and hid an actual address, for example, the article I shared at the beginning of this article has been shortened using Bitly to produce- https://bit.ly/3pKwOiQ. Let's see how dangerous it can be if scammers had utilized this method.

_{The shortened Link}

Taking a look at the screenshot above, even after you had tapped and hold on to the link, the shortened link is still all you see while the main address is completely hidden. Such links can also be embedded in texts as we discussed earlier and in that case, only the short URL would be shown, let's take a look at an example below.

• Scams in the Crypto Ecosystem (Part 2)- Phishing and Dusting Attacks | (#burnsteem25)- Steemit
  

If you had tapped (tap and hold) on the link above to check the address, the short URL is still all you see and that can be extremely dangerous as well. See the result below:

_{The Real Address remains Hidden}

Fortunately, there is a tool that can be utilized to expose the address of a short URL, the tool is https://checkshorturl.com/. With this tool, all a user needs to do is copy an address by tap and hold and then paste it to the tool to see the real address of an URL. Let's see the steps below,

• We would be taking a short URL example, https://bit.ly/3pKwOiQ. Then, visit CheckShortURL and on the landing page, you can see a field with Enter your shorturl here.

_{Enter your shorturl here | CheckShortUrl}

• Paste the Link in the field above and click the expand button.

_{Paste Short URL - Expand | CheckShortUrl}

• The real address of the short URL is displayed with a brief description of the article.

_{Short URL Details | CheckShortUrl}

---

Kindly pay attention to the information shared through the steps above, the bad actors have always been around to steal assets. Ensure the credibility of a link before you visit, the illustrations shared with you above would guide you to large extent.

---

Conclusion

In conclusion, phishing attacks are almost everywhere even in other financial sectors but it's quite more disastrous in the crypto ecosystem as such losing your private keys to scammers may be the end especially when your entire funds are being carted away from your non-custodial wallet.

If you have anything unclear about different scams in the crypto ecosystem, don't be too lazy to read through one of my previous articles that I shared at the beginning of this article. Thanks for reading. Stay Safe!