Understand Web Addresses

Owned by S Helms
Last updated: Feb 12, 2024 by Kelly Thomas
3 min read

Phishing attacks are a form of electronic fraud that often take the form of "spoofed" emails and webpages. Phishing emails often ask you to follow a link to what looks like an official webpage for an organization, but is really an attempt to trick you into entering personal information. Spoofed webpages often appear similar to their real counterparts, and even seasoned internet users can be fooled by them.

On this page

Parts of a Web Address

The trick to avoiding spoofed webpages is the web address, also known as the URL. People who phish may be able to duplicate everything about the way a webpage looks, but a web address can't be duplicated. A web address is divided into four parts: protocol, subdomain, domain name, and webpage location. People who phish manipulate these parts in order to make their websites look legitimate. If any of these parts look suspicious, you shouldn't enter any personal information, such as usernames or passwords, into the website.

A gmail URL with the URL protocol, subdomain, domain name, and webpage location on domain portions identified.

Protocol

The protocol tells a web browser how to send and receive data. The most common protocol is http or https. Secure pages, such as login pages, will use https because it ensures your browser encrypts your information and prevents people who phish from grabbing the data as it's transferred. Sometimes the protocol is hidden in a web browser’s address bar. Select the URL and the protocol will display.

Look For The Lock

Secure PSU pages will always display a padlock icon to the left of the URL. Any page that looks like a PSU login page but doesn't have a padlock icon is suspicious and should be approached with caution.

Subdomain

The subdomain indicates a subdivision of the webpage's domain. For instance, in the web address "mail.google.com", "mail" is the subdomain of "google.com". PSU has a number of subdomains, such as "mail.pdx.edu" and "d2l.pdx.edu". People who phish may attempt to use a subdomain to make the link seem official. Check to make sure that the web address isn't using a PSU-related subdomain with a non-PSU domain name (some examples are in the next section). This could indicate that someone is trying to trick you into trusting a fake PSU webpage..

Domain Name

The domain name is a unique identifier that differs for every website on the internet. A domain name always includes a top-level domain, which is most commonly ".com", but can also be ".org" or, in PSU's case, ".edu". People who phish will often try to fake this part of a web address by creating something that looks very similar. For instance, they might create a domain name that uses a 0 (the number) in place of an O (the letter) or has a ".co" instead of a ".com".

Check the domain name to ensure that you are on a legitimate PSU website: it should always show "pdx.edu" immediately after the protocol and the subdomain.

Examples of URLs showing domain names

Webpage Location on Domain

Everything after the domain is information regarding the page's location. This information is usually not necessary to examine. If you're unsure whether the web address looks legitimate, go straight to the website by typing its web address in yourself.

Further Resources

If you believe you've received a phishing email, do not follow any of the links in it. Instead, forward it to abuse@pdx.edu.