The Dangers in Links

Why you must think twice before clicking that link...

PHISHINGSOCIAL ENGINEERINGSCAM TRENDS

4/30/20252 min read

These days, it seems like everywhere you turn online, someone is sending a link. Your classmate from secondary school shares a "free data" link on WhatsApp. That "big company" you have been checking out sends an email about a fantastic giveaway – just click the link! Even that fine babe or guy you just met on Instagram wants you to "check out this cool thing" via a link.

But wait first, before you excitedly tap or click on every link that comes your way, let's talk about something important: Yahoo-Yahoo in link form...


How to Spot a Phishing Link: 5 Red Flags

  1. Check the Sender’s Number/Email:
    Is the email from a strange address like “support@gtbank-security.com” instead of “@gtbank.com”? Is the SMS from a random number, not the bank’s official shortcode? Run.

    If you are not sure sure what the legit domain is, just Google 'official GT Bank website; official CBN website', etc. Any email that does not end with the official website/domain is a scam.

  2. Urgent Threats or Too-Good Promises:
    “Your account will be blocked in 24 HOURS!” or “You’ve won BIG!”—scammers use fear or greed to rush you into clicking.

  3. Hover Over Links (but don’t click!):
    On a computer, hover your mouse over the link to see the real URL. On your phone, long-press the link to preview it. If it looks strange (e.g., “http://www.gtbank.secure-login.com”), it’s fake.

    More examples:

    a.) Your bank's website might be "www.firstbanknigeria.com". A fake link might look like www.firstbnk.com or www.first-bank.ng. See the difference? Scammers will often try to trick you with similar-looking domain names.

    b.) Genuine government websites in Nigeria end in .gov.ng. A scam link might end in .com or .org. e.g., www.cbn.gov.ng (real) vs. www.cbn.com (fake); www.firs.gov.ng (real) vs. www.firs.com.ng (fake).

  4. Spelling Errors:
    “Dear Cusstomer, your acount has been suspanded!”—poor grammar or spelling mistakes are always dead giveaways.

  5. Requests for Personal Info:
    Legit companies will NEVER ask for your password, BVN, or OTP via email/SMS.


3 Steps to Protect Yourself

  1. Don’t Click—Verify!
    If you’re unsure, contact the company directly. For example, call your bank’s official customer care line (remember: get the number from their website, not the suspicious message). You can verify domains and URLs on https://scamadviser.com.

  2. Turn on Two-Factor Authentication (2FA):
    Add an extra layer of security to your email, WhatsApp and bank apps. This ensures that even if scammers get your password, they cannot access your account without the 2FA code.

  3. Install Antivirus Apps:
    Apps like Malwarebytes can block malicious links. It is also free and easy to use.

What to Do If You Have Already Clicked a Phishing Link

  • Change your passwords immediately.

  • Call your bank to block your account and/or if you entered financial details.

Phishing scams often succeed because they play on our emotions - fear, curiosity and/or excitement. With these tips though, you can get to beat the scammers at their own game. Share this knowledge with your family, especially older relatives or friends who might not be tech-savvy. Remember: if it looks too good to be true, it probably is.

Let's Talk

Whether you have a request, a question, or want to work with us, use the form below to get in touch with our team

© 2025 Kura