BNMC Blog
Avoid Phishing Attacks by Checking Out These Link-Checking Tools
We can say all we like about how clicking on the wrong link could spell disaster for your business, but the unfortunate truth is that eventually you might encounter a situation where you are suspicious of a link that you simply aren’t sure of. In cases like these, you can use the following tools to test a link’s legitimacy before committing to it.
What’s the Problem Here?
You might choose not to trust a link for various reasons, but it’s even worse if you get something suspicious from somebody you know and trust. There is always the chance that someone you know has been compromised by a hacker or scammer and is sending links out in an attempt to scam you, too. If you cannot verify the identity of the sender by secondary means like a phone call, then use extreme caution.
This is particularly important to keep in mind in a business setting, too. You never know what kind of antics your team could be up to that could lead them to get themselves compromised, and if they fall victim to malware while in the throes of their workday productivity, the rest of your business could also fall prey to the threat.
How to Safely Identify and Copy a Link
First, let’s define what we are talking about with the links. A link is any text or graphic that is clickable and redirects you to another page in your browser. The link might start with https:// or it might just say click here or be hyperlinked text. It could also be embedded into an image or the text itself.
For example, if it is a link to PayPal, it might look something like this:
https://www.paypal.com/us/smarthelp/PAYPAL_HELP_GUIDE/getting-started-with-paypal-icf29
Or the link could also look something like this: Get Started with PayPal
Notice anything weird? This link actually directs you to some gag gifts on Amazon. The moral of this story is that just because a link says it goes somewhere, doesn’t mean it actually goes there.
It can be even harder to tell where a link goes if it is embedded in a graphic, icon, or button, but with a little know-how, you can check to make sure it’s safe. All you need is the full URL. To find it, use the following strategy:
On a Desktop or Laptop:
-Hover the mouse over the link.
-Right-click on the link.
-Select “Copy Link” or “Copy Link Address” or “Copy Hyperlink”
Now you have the link copied, and you can paste it into one of the following tools with CTRL+V (or right-click and select Paste)
On a Tablet or Smartphone:
-Be careful not to accidentally just tap the link to open it!
-Hold your finger over the link for a few seconds to pop up the context menu.
-Select “Copy Link” or “Copy link address” or “Copy Hyperlink”
Now that you have the link copied, you can paste it into one of the following tools by holding your finger down over the URL field within the tool and selecting Paste.
How to Check a Link Before Clicking On It
We recommend you cross-reference suspicious links with multiple tools just to be safe.
Norton Safe Web
A free online tool by Norton, you can use this to check a link. It will provide you with a rating for how dangerous it thinks the link is. If the link hasn’t been tested by Norton, however, you might want to check with a different tool. https://safeweb.norton.com/
PhishTank
PhishTank is a great website with a link checker that can tell you if it has been involved in a phishing scam. Phishing links often look legitimate, so they are harder to identify. For example, a Paypal phishing URL might use a page that looks just like the PayPal login page. You can access PhishTank here: https://www.phishtank.com/
Google’s Transparency Report
Since Google is constantly crawling and indexing pages with its search engine, it finds a lot of information about malicious websites and phishing risks in the process, all of which are documented in its transparency report. You can use the tool to see if your link is in the report: https://transparencyreport.google.com/safe-browsing/search
Scan the Link with VirusTotal
VirusTotal has a scanning tool that you might also find helpful if all else fails to give you a result. You can access this tool here: https://www.virustotal.com/gui/home/url
The only issue with checking a link is that, if it’s an undocumented phishing attack (and it might be), you might not be able to identify it. That said, it never hurts to check, so be sure to do so when you can, and always be careful.
If you need a second opinion on suspicious links and other security-related challenges a business might face, be sure to contact BNMC at (978) 482-2020.
Comments