The Internet is full of links. There is no web page that does not have at least one link. Every link leads users to another page. This page is not always known. This poses dangers. Fake links can lead anywhere and cause great damage. Accordingly, one should be careful with links.

What are fake links?

You have probably encountered fake links before. In most cases, they are found in phishing emails. The email seems to come from a trusted source and contains a link that, at first glance, also leads to this trusted source. However, clicking on the link does not redirect to this source.

Instead, bank data or login details are fished. The scammers then use this data to make online purchases or withdraw money from accounts, for example.

Fake links always disguise themselves as links to a known site. The link address therefore actually looks correct. Due to the number and letter combinations of links, you often can’t distinguish them anyway.

For example, could you tell offhand if this link is safe:

Whether there’s an extra 6 or a 9 missing somewhere, you probably wouldn’t notice, would you? Don’t worry by the way. The link is absolutely safe and will take you to our Authenticator page.

Fortunately, there are ways to detect fake links. However, you have to pay attention to the details.

How to recognize fake links

Fake links usually follow a pattern. However, they do not deviate much from the original, which makes it difficult to detect the fake. Faking links is also called squatting. There are basically six different types of this.

TLD squatting changes the top-level domain. This is the domain extension. So .de, .com, .net etc. Before clicking on a link, you should always make sure that the domain extension is correct. is the correct address. is not correct and should not be clicked on under any circumstances.

Subdomain squatting adds additional information to the domain. However, the link does not lead to the desired page, but to a fake domain. An example of this would be

Combo-squatting works in a similar way. In this case, an additional word is appended to the domain that points to an existing page, but leads somewhere else. An example of this would be

Sound squatting is where the name is minimally changed to look and sound similar to the original. For example, could become

Typo-squatting simply builds a misspelling into the domain:, for example.

Homographic attack replaces letters with similar characters that are not immediately obvious at first glance. An example of this would be

With proper attention, it is not that difficult to spot fake links. It helps especially if you know how a URL is structured.

The structure of a URL

A URL usually consists of five parts. These parts are separated by dots or other characters.

The first part is the transmission protocol. You know it as http:// or https://. Basically, you should not click on any link with a different transfer protocol. And you should also be careful with http pages, because they are older pages that can be insecure.

The subdomain is usually the name of the page. For example, However, the subdomain can also consist of several parts, which are then separated by dots. For example, authenticator.reiner-sct.

We have already mentioned the subsequent top-level domain (TLD). This is the extension .com or .de or .net or whichever is used.

The subdirectory is then indicated by a slash and points to the actual page. For example /apps.

So this results in


Fake links are easy to identify with the necessary attention. Basically, care should be taken that it is an https website to which the link leads. In addition, the TLD must be observed, because every website has a fixed TLD that does not change. Changes within the URL are not always noticeable at first glance. So always look very carefully. In the best case, do not click on any links at all and always choose the manual way via the input.