Fake Links

Fake links are used to send you to a website controlled by scammers. These pages may look like a real login screen or payment portal, designed to steal passwords, card details, or personal information. Sometimes the link also triggers a download or attempts to install malicious software.

Scammers make links look believable by using familiar brand names, shortened URLs, or addresses that are almost correct (for example, extra words, dashes, or swapped letters). On phones, it’s harder to inspect a link, and the page layout can feel “real enough” to trick you into entering details quickly.

Examples include: an SMS saying a delivery is waiting with a link to “confirm your address”, an email asking you to “review a shared document” leading to a fake Microsoft 365 or Google sign-in page, or a message claiming you have an unpaid toll or fine with a link to pay. A common red flag is being asked to sign in again unexpectedly or enter card details for a “small verification fee”.

To protect yourself, avoid clicking links in unexpected messages. Type the official website into your browser or use the organisation’s app instead. Hover over links on a computer to preview where they go, and watch for odd spelling or domains that don’t match the real organisation. If you did click, don’t enter details — close the page and verify through a trusted method.