Why?
I’ve been seeing folks I know on social media who’re getting scammed by fake sites. These are sites that look real and act real. The links that take people to them often have the official logo and look of the site they’re supposed to represent. But they’re not real, and they’re looking for ways to scam people. How can you tell? Sometimes, you can’t. But most times, you can before you go to the site.
You can tell most of the time where you’re going by learning to read the address, (often called the “URL”) of a site. So I decided to write some notes about how to read URLs for folks who don’t have degrees from CalTech. That advice is what’s here. I avoid jargon as much as I can and try to break this all down so it’s understandable. My goal is to help you know where you’re going as you follow links. If you don’t know this information, your chances of getting to a scam site increase. A lot. What I’m sharing won’t keep you 100% safe – I’ve been fooled recently by a site. But knowing this will keep you safer than if you didn’t know it.
A site’s URL is in the address window of a page when you get there. But you can preview the URL by hovering over it with your mouse’s cursor on the page that’s directing you to a site. When you do that, somewhere on your browser window the URL where the link is directing you will appear. Don’t click on it without hovering over it first to see where you’re going. Every browser and a lot of programs show the link in different places, so look around your page to see where the URL pops up as you hover.
A really important rule: Don’t follow a link without knowing the address where you’re going.
Step One to Reading a URL
First, you read sections of a URL. You do that backwards, from right to left. Start at the right edge of the address and see what’s there. Reading from right to left tells you what you’re accessing. Look at this link:
https://docsband.link/So-Long-Westland.wav
Forward slashes separate the sections of an address. The last part that’s separated in this address is:
/So-Long-Westland.wav
That’s telling that this address is pointing to a .wav file called “So-Long-Westland.wav.” It’s a specific file because it has a file extension – a period followed by three letters that identify the file type. A “.wav” file is a specific type of sound file that gets played over the Internet, and this address is pointing to a specific .wav file called “So-Long-Westland.” There are lots of different kinds of files you can get directed to, and each type has its own extension name. The most common is a “.pdf” file. PDF files are generally documents, and sometimes forms. Check out this link to the IRS’ 1099 form that you can complete online:
https://www.irs.gov/pub/irs-pdf/f1099msc.pdf
By looking at the far right, you can see what kind of file you’ll access by seeing the file extension (“.wav” or “.pdf,” etc.). If it has a file extension that you don’t recognize, you should think twice about following the link because it may be taking you to a site where it’ll download a file you don’t want.
Most times when you click on a link, though, you’re going to a page, not a specific file like the examples above. Again, reading right to left can help you see where you’re going. Look at this example:
https://docsband.link/songs/lyrics-slw/
The final section isn’t a file name. Because there’s no file extension at the end, the link is taking you to a page. The URL provides directions that tell the browser where to look for the page. The name of this page is “lyrics-slw” and it’s put into a folder on the server that’s called “songs.” It’s like how you use the folders and sub-folders of your own computer to track files. Reading backwards, you can see the subfolders and folders where they’re embedded. You can see the IRS using a similar strategy for where it puts its 1099 form. That file is in a folder called “irs-pdf” that itself is in a folder called “pub.” This is all a way for the developer to manage files and folders.
Step Two
Continuing to read right to left, then, the next section of the first URL above is:
docsband.link
That points you to the specific location on the Internet where the sound file resides. Many times, you can strip out the last section(s) of an address to take you to the main page of a site. If you type just https://docsband.link, that takes you to the main page for that site.
Sometimes, you’ll see “www” preceding the address. You can get to the same main page as above by going to:
Whether or not the link has “www” depends on how the designer sets up the address.
This is a point where jargon can’t be avoided. So let’s get it over by explaining the concept of the “top-level domain.” The folks who manage the Internet (yes, they do exist) decided that each type of Internet site could be categorized within a specific top-level domain. These are broad categories of types of sites. You can recognize the top-level domain for any site by its extension. It was simple at first with just a few top-level domains like commercial sites in one category (.com) and higher education sites in another category (.edu). Over the past 35 years, though, that’s expanded so there are over 1,500 top-level domain extensions available. In the example above, the top-level domain extension is “.link.”
Carefully reading the core address of a site and looking for the top-level domain can help you avoid going to scam sites. Again, though, you have to read the information right to left. Look to see what the final top-level domain extension is in that section. If you’re expecting a higher education site, it should have an “.edu” as its last extension. A site that reads “http://harvard.edu.fp” is NOT Harvard university. If this were a link you found, the final “.fp” extension would be actually taking you to a site in the Philippines since that’s what the “.fp” top-level domain extension designates. You might need to read through a few folders on the address to get to the core address. But look carefully through that top-level domain and address and let them inform you where you’re really going.
Step Three
The remaining section of the address at the far left is:
https://
That tells your browser that it’s doing an Internet search. The use of the “http” language in web addresses goes back to the days when people commonly accessed more than web files on the Internet. However, these days, seeing anything except an “http(s)” file is rare. There are even some addresses where you don’t need the “http(s)” to get there. If you just type “docsband.link” into a browser’s address window, that should get you to the main page of that site since your browser will supply the needed https:// starter.
However, there’s something important in that part of the address that you need to watch. There’s a big difference between a site that begins with “http” and “https.” That added “s” stands for secure. A site that uses the “https” protocols includes some additional security features that keep it from being hacked. No place on the Internet is completely safe, but accessing sites that use the https protocols keeps you safer. Look for it, and be wary of sites that don’t have it. Most browsers have a setting somewhere that allows the browser to warn you if you’re accessing a non-secure site.
