BADFILE.ZIP

Watch Out!

New .zip domains trick people into downloading malicious files

0/10

All you need to know

1

Look out for @ signs

Check if there is an @ sign in front of the .zip portion of the link.

https://dropbox.com/@badfile.zip

2

Hover over Links

Browsers display where a link leads in the lower left corner.

3

E-Mails require additional care

E-Mails enable attackers to use a wide array of styling options. Attackers can change the font size of the @ sign and make it incredibly small. This results in an invisible @.

e-mail client screenshot, e-mail with link, where @ sign is not visible

4

Know your slashes

To craft a bad link, scammers need to use unicode characters U+2044 ⁄ and U+2215 ∕ in the link. They look slightly different to the correct slash /.

The correct slash is slightly longer and has a different angle. The bad slash is shorter and has a steeper angle.

/

Test a link

Feel free to check a link by entering it below

Made with ❤️ on a cozy weekend

Share this page. Tell your parents and friends. Bad files on your PC are bad times.

This page doesn’t track you. There are no ads. This website is open source.

Had a good time? Consider buying me a coffee ☕

Further readings & sources