Amrit Dhillon
Advocating for safer, more transparent, and more accountable online systems

Every year, billions of dollars are lost to online fraud.

Millions of people fall victim to phishing attacks, scams, and deceptive websites. While the tactics vary, many of these attacks rely on a surprisingly simple mechanism: misleading hyperlinks.

A hyperlink can display one destination while secretly directing the user somewhere else.

This behavior is not a bug. It is part of how HTML was originally designed.

In the early days of the web, the ability to display descriptive text while linking to another location was useful for navigation and readability. But that flexibility also created a structural weakness.

A link can appear to lead to a trusted site while actually directing the user somewhere entirely different.

That design choice has quietly enabled a wide range of modern attacks, including phishing campaigns, credential harvesting, malware distribution, and other forms of online fraud.

From a security perspective, the underlying issue is straightforward: users make decisions based on what they see, while the browser executes what the hyperlink actually contains.

Those two things are not always the same.

One possible solution would be simple in principle: if a hyperlink visibly displays a domain or URL, the destination should match it.

If the displayed address and the actual destination differ, the browser could warn the user or block the navigation entirely.

This would not eliminate all forms of online fraud, but it would remove one of the most common mechanisms used to mislead users.

The broader question is why this design issue has remained largely unchanged for so long.

Part of the answer may lie in the web’s long-standing emphasis on flexibility and backward compatibility. Changing how hyperlinks behave could affect countless existing websites.

At the same time, the scale of modern online fraud raises an important question about whether some long-standing design assumptions should be reconsidered.

Tools such as VerifiedLink explore practical ways to detect these mismatches and alert users before they click.

Ultimately, improving the integrity of hyperlinks may require a combination of better tools, improved standards, and greater awareness of how easily links can mislead.

Please Note

Do not submit product inquiries or support requests.

Visit a product site and submit product-related messages from there.