Obfuscated Links Scams

In the latest scam, cybercriminals have been using links that show IP addresses instead of the website you are going to. These links are better known as obfuscated links and they are URLS that have been tampered with to hide the location of the website.

Cybercriminals will send an email that spoofs a well-known company or source. This email uses wording that makes the receiver feel like they need to complete an action immediately. When the person hovers over the link to see where it is taking them, it ends up showing them an IP address instead of a website. The trick what we have been teaching about hovering over a link to see if it is legitimate wouldn’t work in this case because you can't see the website. If the person clicks on the link, they possibly are allowing cybercriminals to download malware or are taking you to a spoofed website and trying to steal your sensitive information that way.


  • Always be cautious about receiving an email from an unknown sender. Make sure you check who it’s from, errors in grammar, etc.
  • Make sure you stop and think before doing an action. If the email makes you feel a sense of urgency it is probably a scam.
  • Always hover over links. Remember now if it is an IP address it could be a phishing email!

Learn more tips like this and train your employees with our Security Awareness Training Program.