When Not to Click: Diagnosing Tricky Links
There are tons of ways for hackers and cybercriminals to do damage. But sadly, this often happens by simple mistakes people make to give hackers access. While, yes, they can find their way onto your network or device… they’re most often let in. One of the easiest ways for cybercriminals to get onto your network or device is with a simple click of your mouse. Clicking on the wrong link can load websites riddled with malware that will download harmful files in the background. Once the malware is on your computer, you can end up with a ticking time bomb that can lead to damage to your device, network, or credit score. But how can you diagnose these problematic links?
There are a few key steps you can take to protect yourself from problematic links. The best way to avoid issues is to be prepared. Responsible clicking and keeping yourself aware are very important to avoid inadvertent malware infestation.
1. Look Before You Click
When in doubt, it’s best to avoid randomly clicking on links altogether. Many phishing scams rely on the fact that you will quickly click on links from a trusted source.
We can often be clicking without thinking. That’s just enough time for your computer to become infected with malware. There can also be hidden links in ads and on sketchy websites. These can open up pop-ups or launch nefarious downloads onto your device. There are also tons of other not-so-harmful but still very annoying things that can happen when you click on random links. Adware, spyware, or some other violation to your privacy could be launched by one random click. It’s important to know where a link is taking you.
A good tip is to hover over a link when on a website to see if there’s a preview of the full URL. You can also, very carefully, right-click on a link to copy the URL. You can then paste the URL in Google, or your favorite search engine, to see where it goes. You can also use various link trackers to confirm that the website is not dangerous. One great resource is the Malware Domain List. It’s a collection of various domains that have been confirmed to host malware. It doesn’t just list the links but also the IP address and specific type of malware associated with that link. Be sure to not try and visit any of those links as they are fully infested with bugs. But you can use the website to cross-reference any sketchy links that come across your screen.
2. Look for Misspellings & Strange Characters
Cybercriminals will use social engineering to try and trick you. They’ll often create similar pages and links that are meant to look like your favorite websites or secure accounts. This way, they can convince you to enter personal information without fear. The key is to keep an eye out for misspellings or strange characters. Even the tiniest of misspelled words could be a clue that the link isn’t legit. Strange characters are also a sign that the link is wonky.
3. Double Check Links You Don’t Know
In addition to Malware Domain List, and Google there are helpful resources specifically for checking URLs for malware. URLVoid, Kapersky’s Threat Intelligence Portal, Scanurl, Google’s Transparency Report, and VirusTotal are great resources for checking links. Some even allow you to submit files to test for viruses. PhishTank is a collection of URLs collected from various phishing schemes and malware attacks. Like Malware Domain List you can both submit and review sketchy links to help protect others from malware infestation.
4. Avoid Abbreviated Links
Nowadays, many links get clipped by various websites and social media networks. It can be a simple clip to save space in a tweet or it can be a way to truncate a really long URL. You see http://bitly.co/xp0123 but the link is really www.thisisnotascam.com/justkidding. Many legitimate businesses will use abbreviated links to hide tracking tags so they can see where you came from. So avoiding these will also help your privacy as well. Like with any sketchy links you can also right-click and copy the URL. If you want to see where it goes you can try sites like checkshorturl.com or expandurl.net to see the full link. Or you can use any of the other URL scanners to get a closer look at how potentially harmful it may be.
When In Doubt Just Confirm
Your cybersecurity is no joke. Cybercriminals are not going to be super obvious and will make every effort to get you to click on a sketchy link so they can do nefarious things to your device, network, or with the information they find. Your best defense can be taking that extra second to double-check that Aunt Gertie wanted you to see her vacation pix or that American Express really did want to confirm information with you. As a general rule, if there is a legitimate problem with your credit card, the bank or issuer will call you or send an email suggesting you sign onto your account. If you sign on from the legitimate website and there is something like an alert in your inbox, this is a legitimate communication.
It’s a good habit to get into double confirming when you get random links, downloads, or unexpected messages. Not only does it give you a chance to check-in it also helps you from making a potential problematic mistake with your security.
These are just a few ways you can protect yourself from sketchy links. Your best bet is to know exactly where you are going, who sent you the link, and if it was intentional. These are helpful tips to keep you one step ahead of the criminals who are out to make the internet their playground.
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Online Privacy
- Online Safety
Most of us view the internet as a useful and benign tool. But in many ways, it’s…[Read More]