Huggins Homes
Does your home need updating to sell, but you don't want to do the renovation?  We have cash buyers who will buy your home!

October 25, 2016

Where does that TinyURL link go to and how to spot a potential attack


Today I received the listing agent's dream email!  An over full price CASH offer on a new listing with no inspection contingencies!  Most agents would say "Time to break out the champagne!" then why am I saying "Something doesn't smell right here"?

Let's take a look at the email, shall we?  I've blacked out some identifying information.

Where does that TinyURL link go to and how to spot a potential attack 1

First off, I receive a contact yesterday from "HomeSeekers", one of the syndication partners our MLS sends our listings to without our knowledge, consent or ability to control.  It was simply the default "I have questions" box filled in.  I replied with an email asking to setup a time to talk and I got this email back today.  So that has me a little suspicious, afterall why is a BROKER using this website instead of the MLS?

In reviewing the email, the English is pretty good (with a few minor grammatical errors), however half of the email (where agents typically try to sell me on their clients) is all about how great and trustworthy Google Docs and Dropbox are.  Ok, I'm a former IT guy of 15 years... with 10 of those working for Fortune 100 (and Fortune 50) companies doing their Information Security.  I don't need to be sold on Dropbox/Google Docs, however the convention (since emails and PDFs were common) is to attach the offer as a PDF, but who am I to question the forward progress of technology?  Of course, it is right to question why a Broker with a company is using an domain (which goes to the ADP payroll company).


So now I check the links by hovering over them.  I expect to find links to "" and "" however I find links instead!!  Now what are the two main reasons to use a link shortener?  I know!  The primary reason is to make links that fit easily into social media posts and riders for signs or advertising.  Ok, that's legit... but what about the second reason?  The second reason for using these is to OBFUSCATE (hide) the end URL from the person clicking the link!  The last five years finishing out my IT career, I taught information security basics to all new hires for several local hospitals.  One of the topics was expanding these URLs before clicking on them.  Using "" I expanded the two links and found the below information:

First, how to use the site:

Go to the website and put the shortened URL in question into the box below the logo and click the "Get Link Info" button.

Where does that TinyURL link go to and how to spot a potential attack 2

The results I got from the Google Docs link:
Where does that TinyURL link go to and how to spot a potential attack 3
YIKES!  Not only does the URL point to some really bizzare website that definitely ISN'T Google Docs, it has four "Unsafe" warnings, including the TinyURL links themselves!  That is four more than I like to see at all!

Ok now, I go back to the home page and try the Dropbox link:
Where does that TinyURL link go to and how to spot a potential attack 4
WOW!!  This one is EVEN WORSE!  This time the TinyURL links themselves were safe, but what they pointed to was no and even threw up a suspected phishing page warning!

Talk about your RED FLAGS!!!
So what's a Realtor to do now?  I need to keep my client's best interests at heart here.  Well, what I've always taught is to contact the sender through another means to verify the legitimacy of the email.  So I went onto our state's licensing site and verified that the Broker in the email was in fact licensed and was in charge of the agency listed, had a good number of agents under him and that the address of the office matched the address listed in the email.  Please keep in mind that the office is in Orange County CA and I'm in Ventura County, CA.  There are two to three counties between us and it's a good three hour drive in light traffic to get to his county (not neccessarily his office).  I then went and independently Googled the office and called them directly, leaving a message for the Broker to validate the email (or to inform him of someone using his name illegally, if the email is not legit).


I hope that this blog helps you if you ever find yourself in a similar situation.


My best,



Active Listings
Your Home Could be Featured Here! Call Ryan Today at 805.905.4000 to List Your Home.
Under Remodel
400 Whitegate Road, Thousand Oaks, CA

5+4 VIEW HOME with 1+1 Guest House and Pool in Thousand Oaks
Follow the progress and get on the waiting list
Recent Sales
SOLD! - 2186 Aspenpark, Thousand Oaks, CA

3+2 in the "Lang Ranch Elementary School" district
Click For More Details
SOLD! 14284 Clemson St., Moorpark, CA

3+3 VIEW HOME in the highly desired "Varsity Park Estates" neighborhood
Click for More Details
SOLD! 1449 La Jolla Dr., Thousand Oaks

Newly remodeled 4 bedroom home in the "Modern Farmhouse" style.
Click for More Details
711 Bluebonnet Ct. in Thousand Oaks

4+2 Remodeled Single Story Pool Home
Click for More Details
3490 Pine View Dr., Simi Valley
SOLD! Simi Valley 4+3 Remodeled Single Story Home with Gated RV! 3490 Pine View Dr. in Simi Valley
4+3 Remodeled Single Story Home with 15,000+sf lot and gated & paved RV parking!
Click Here for more details
30666 Passageway Pl., Agoura Hills

"Lake Lindero" One of a Kind View Home! 4+3 Two Story home with INCREDIBLE Lake Views!
Click Here for more photos of this amazing view!
Need to sell your home fast for cash?  We have fast hassle free cash offers for your home

Recent Posts

Huggins Homes

A Boutique Agency With Over 30 Years Experience Providing Personalized Consulting And Comprehensive Real Estate Services To Buyers And Sellers.
© Copyright 2015 forward - All Rights Reserved
For media inquiries about the Ventura County real estate market, real estate investing or house flipping, please contact Ryan Huggins at 805.905.4000