November 2nd, 2017

Should I click on this crazy looking URL?


Hi, and welcome to “Ask Erik!”.

I was recently asked by one of our customers what all of these crazy letters in these website URLs mean?,jggfew

This customer is getting these links in email messages and was very concerned, if he should even click on them or not, are they safe? Garbage characters like this in the URL can really mean anything and they could be used for any purpose. Let’s reflect, messages you didn’t ask for containing URLs with crazy crap in them, it’s definitely suspicious.

Spam Filter Evasion

My guess is to what these particular ones are, are ways that spammers can try to get by spam filters. They code random URLs to try to evade fingerprint matching of known bad addresses and spam emails. They changed up on every message and they use just random information in there so it looks unique.


Another very important use for these kinds of garbage URLs, is for tracking. A spammer would send a different garbage looking URL to every single person, where they have in their databases, these crazy addresses correlated with your email address. You can’t tell but they can. When you click on that link, not only do you get taken to the spam page, but they know exactly who clicked and they know they can target you further in the future.

Best Practices

The rules of thumb with any kind of email is: never click on a link that you are unsure of, never download a document that you didn’t ask for and if you are ever worried, contact the person via another channel and don’t just assume links are okay because, very often, they’re not.

Phishing, or sending people malicious data and links through email messages, is the number one vector for cyber crime across all organizations. You have to be very, very wary of these kinds of things.

If it looks weird, don’t click on it


I’m Erik Kangas, the CEO of LuxSci and this has been, “Ask Erik!”

Do you have a question? Ask Me

Leave a Comment

You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.