Skip to content

How to Read a URL

My Pittsburgh Post-Gazette this morning reminded me that Congress is encouraging the IRS and the FTC to deal with,, and — websites that offer tax-related information but that may confuse consumers into thinking that they are reading the real and official Internal Revenue Service website, which is located at  The problem here reminds me, again, of some important socio-cultural problems when it comes to consumer protection and the Internet.  Why don’t people learn?  More after the break.Conventional wisdom has it that we’ve been using the popular version of the World Wide Web for more than a decade, so we all have figured it out.  Anyone who hasn’t figured it out even runs the risk of being put in jail, at least if they’re in the wrong place at the wrong time.  The fact that the convention wisdom may well be wrong in the IRS case (and wrong still, as anyone who visited will remember) raises an important question:  Why haven’t people learned this stuff already?

What’s going wrong in the IRS situation?  First, people encountering (for example) don’t necessarily check to associate the content of the site (tax information) with a URL (a .com top level domain).  I know how to do that; I know that agencies of the the United States government usually put up websites that use a .gov top level domain, so is immediately suspicious to me, even before I look at the content of the site.  Related to this, I know when I look at a website that I can correlate the site’s contents with the URL in the address bar, as well as with the text at the top of the window, which renders the Title tag.  If those things don’t synch properly, something is amiss.  Second, people who check the URL don’t necessarily know how to parse its contents.  I know the differences between .gov and .com and .mil and .edu, for example.  In a more difficult to decode and more damaging context — phishing — I know both how to check the URL of links that appear in email in my In Box and I know (usually) how to decode enough of the URL to decide whether or not the mail is legitimate.  But an awful lot of people have no idea how to “read” a URL — literally, in this sense, as well as figuratively, by correlating it with the site.

Why not?  Consumer protection and trademark law have both made a lot of progress over the last decade.  Consumer education campaigns must have had some effect.  The number of people moving online and getting familiar with browsing and email is obviously enormous.

The one area that hasn’t changed much, over the last 10 years, is the basic browser GUI itself.  The major browsers share a basic template:  big window for the content; buttons above and/or below for navigation; small address bar above and/or below that displays the URL and to provide text-based navigation.  But nothing explicitly connects the URL to the site content; nothing explicitly decodes the URL.  Similar problems exist, of course, for email clients.  Is there an interface modification to be had that would address the cognitive disconnect exposed by the and phishing problems?