Be Careful of Message Links

UK mobile networks are sending a “stay at home” message to everyone in response to the current nationwide lockdown. While the link in that specific message is safe, don’t click on links in text messages. It’s very easy for scammers to fake that message and replace the safe link with their own nasty version. It doesn’t take long to type “gov.uk” into the address bar of your browser and you can follow the appropriate link from that site’s home page.

Don’t click on links in text messages. Get into the habit of not clicking links, even if when it’s safe. There’s been a rise in scams and phishing attempts that prey on people’s fears. Please do take care.

If you’re unsure about whether or not a web address is genuine, type it into the search box of your favourite search engine. If the search box is also an address bar (as is the case for some browsers), you need to make sure it doesn’t get interpreted as a URL, which would take you to the site rather than allow you to investigate it first. For example, if you get a link to “example.com/important-info” then type something like “what is example.com” or “who is example.com” or “who owns example.com” as your search term. That should hopefully ensure that it’s interpreted as a search rather than an address. (You can also use the ICANN lookup to look up the registration data for the domain, but an Internet search may show up warnings and alerts.)

The same advice applies for emails, and with email messages you need to be even more careful as links are more dangerous in HTML content than in plain text messages because they are hidden behind the link text. On a desktop device you may be able to see the URL when you hover the mouse pointer over the link text, but you can’t do this on a mouseless mobile device. You may be able to copy the link (using a context popup menu or a long tap) but you need to take care that you don’t accidentally follow the link by mistake.

Always be very careful about emails that encourage you to click on a link or open an attachment even if they seem to be sent from a legitimate source. Sender addresses are usually sent in the form “Display Name” user@example.com. The “display name” part can be set to anything. For example, “Some Public Health Body” scammer@baddomain.com. So be careful not to trust the display name. Copy the domain part (after @) and paste it into a search engine to investigate it (bearing in mind the earlier advice about a search bar that doubles as an address bar).

The Dickimaw Books site has some functions that will send an automated email that may include a link. For example, if you report a bug and provide your email address for confirmation then you will receive a message informing you when your report is logged with a link to the topic page on the bug tracker. I’ve amended the template used for that message to additionally provide information on how to navigate your way to the topic page without clicking on the link. It’s less convenient but it’s safer.

Stay safe and practice both physical and digital hygiene.

“Authors Give Back” SmashWords Sale

The DRM-free ebook retailer SmashWords has a one month “Authors Give Back” sale from 20th March to 20th April 2020. In response to the current Coronavirus situation that is leaving people housebound, authors are providing their ebooks at a discounted price or free. Both my crime novel “The Private Enemy” and my crime fiction short story “I’ve Heard the Mermaid Sing” are FREE for the duration of this sale.

A word of warning: “The Private Enemy” contains a point in the story where rioting results in a shortage of supplies and people being stuck inside getting bored and on each others nerves, so that may not be the kind of storyline you’ll be in the mood to read right now!