How to Check if a Link Is Safe: 6 Effective Methods to Check URL + Secure Browsing Tips
- Use a Link Checker Tool.
- Make Sure the Site Uses HTTPS.
- Look for Legit Contact Information.
- Examine Google Reviews.
- Check the Domain Age and Ownership.
- Utilize a Backlink Analysis Tool.
- 0.1 How do you verify a link is safe?
- 0.2 How do I know if a link is unsafe?
- 0.3 What is an unsafe link?
- 1 Should I click on a suspicious link?
- 2 How do you check if a website is phishing?
- 3 What makes a link suspicious?
- 4 What is a verified link?
- 5 What if I accidentally clicked on a suspicious link on my phone?
Use a URL checker Google has its own version of a URL checker called Google Transparency Report. To check the safety of a link, all you have to do is safely copy the link and paste it into Google’s URL checker. To safely copy a link, right-click and choose ‘copy’ from the options that appear.
1. Use a website safety checker – To quickly check if a site is legit or a specific URL is safe, use a website safety checker like Google Safe Browsing, According to Google, their website checker “examines billions of URLs per day looking for unsafe websites,” which makes this a great website safety-check tool. Google knows the web — that’s why its site checker is so accurate. A similar unbiased safety tool is VirusTotal’s free website security checker, which inspects sites using over 70 antivirus scanners and URL/domain blacklisting services. This link checker for viruses detects various types of malware, computer viruses, and other security threats. Is this website legit? VirusTotal has answers. Whichever legit website checker you choose, bookmark the page to use later — it’s important to test if a site is legit before you do anything sensitive, like enter your credit card details.
Check if a website is safe in Safari –
- Go to the website you want to visit.
- Tap the to open the Tools pop up window.
- From the list, tap Scan Website, Mobile Security will scan the website and display if the page is Safe or Dangerous,
5 URL Warning Signs to Watch For Not all URLs are created equal. Malicious URLs are lurking in emails, text messages, social media posts, pop-up windows, and more. Scammers create and distribute these links and try to trick users like you into clicking.
- Once you get to their sites, you can be exposed to malicious software, viruses, and other dangerous content.
- Dangerous links lead you to dangerous sites and put your data, your computer, and your network in harm’s way.
- And though it can be difficult to distinguish a safe URL from a malicious one, there are warning signs you can watch for.
Keep these five points in mind when you come across an unknown URL:
How can you know if you’ve clicked on a phishing link? – Before you panic, you need to make sure that it was actually a phishing link that you clicked on. To determine if you’ve received a phishing link, look for inconsistencies in the sender’s email address, links and domains.
Hover your cursor over the link before clicking to preview the URL that it leads to (likely in a pop-up near your cursor or bottom corner of your screen). If the domain doesn’t exist, that’s highly suspicious, and it’s likely to be a phishing link, Other red flags that can identify a phishing link can include unusual or urgent requests and error-filled language within the email itself,
To know for sure if you’ve clicked on a phishing link, you can also scan your device for malware to see if any malicious files have been downloaded.
What Does a Phishing Email Look Like? – According to the FTC, there are several telltale signs of phishing. These include:
- Claiming there is a problem with your payment information, Scammers purport to be customer service agents from retailers like Amazon or Apple, utility companies, or even your home security company. They’ll tell you that your payment has been declined or that someone has breached your account.
- Asking you to confirm financial or personal information, The goal of phishing campaigns is to obtain personal data. For this very reason, banks, health insurance companies, and merchants won’t ask you for this kind of information over the phone.
- Telling you that they’ve noticed suspicious activity on your account, Fraudsters try all sorts of methods to make you react. Telling someone that they’ve been hacked elicits anxiety — to the point that victims will be afraid to ignore the warning and comply with a scammer’s instructions.
- Sending you a fake invoice, Another phishing tactic is to send you an invoice via email. Most recipients tend to be curious about such charges. When they can’t come up with an answer, their impulse is to dispute it using the scammer’s fraudulent links.
- Offering an unbelievable discount or free product, As the adage goes, if it’s too good to be true, it probably is. Clicking on suspicious links can inject malware into computers or phones that enable fraudsters to record account numbers and passwords.
- Saying that you’re qualified for a government refund, These types of phishing scams happen every year around late spring and early summer. At that time, people expect refund checks and are more likely to believe that any emails about refunds are coming from the Internal Revenue Service (IRS).
- Directing you to click on links, Scammers know that consumers are getting savvy. To bypass detection, scammers use HTML code obfuscation or phishing sites with HTTPS to camouflage phishing,
- Using unfamiliar greetings, Most scammers broadcast phishing campaigns to the masses. Because they don’t necessarily know everyone’s name, the greetings on these messages may be generic such as “Sir” or “Madam,” or otherwise unusual.
Disturbingly, the latest versions of ChatGPT and other AI tools have made it easy for anyone to produce instantaneous, high-volume phishing content, Cybercriminals can recreate malware strains, tweak existing scripts, and even create marketplaces on the Dark Web — all without any coding experience.
What Happens After You Click a Phishing Link? – Malicious links contain malware that may get on your device. You may not detect when or how it happened. Once you click the link or open the attachment, the virus enters your system. With the malware installed, it:
Picks and sends your credit card details and other information to the hacker. Harvests and sends other malicious links to your contact list. Provide the scammer with unrestricted access to your device.
If the attackers get your information, you might get calls or messages that need you to take more action. In addition, once the scammer knows you are vulnerable, the attacks may reoccur in the future. So, it is critical to end conversations with the attacker or delete any downloaded file.
These previews can potentially leak sensitive data, expose devices to malware, and be a major drain on cellular data. To generate a preview, the app or proxy downloads and copies information off of the URL, saving the information on their servers.
Step 4: Change your passwords – Try immediately changing your passwords right away if you clicked on a phishing website and provided any personal information, such as your login, and password. This will stop the scammer from getting into any of your accounts. Use a strong, original password that you’ve never used before. To create and save safe passwords, you can use a password manager.
What malware could be downloaded after clicking a phishing link? – When threat actors send a phishing email, assuming they aren’t impersonating someone else and trying to get a fake invoice paid, they usually have one of two main objectives:
To get the victim to submit information To get them to download a malicious file
Upon clicking the link, malware can be downloaded onto the user’s device to spy on their activity or collect their data. The malware will appear to run as a legitimate download. It can then hide in legitimate folders and not do anything malicious instantly, leaving the victim thinking they just opened a remittance pdf.
Ransomware could also be used to lock users out of a system encrypt data, with a payment demanded for the decryption key. Another scenario, is upon clicking the link, the user is taken to a (spoofed) login page that looks pixel perfect. After entering the credentials to log in, the attacker receives the information in plain text, and the user redirects to another web page (often the real version of the spoofed site).
The attacker can then use those credentials for account takeover or sell them on to other cybercriminals. Learn how to identify a phishing website here,
Spammers use character combinations to trick you into tapping on links. These links may appear to go to legitimate websites, but actually take you to a malicious site. Here is an example of a suspicious link: https://ẉhatsapp.com/free-tickets.
Frequently asked questions – I access my Gmail account through the connected accounts feature in Outlook.com. Will the advanced security features work for me? No. Third-party email accounts such as Gmail and Yahoo Mail are not covered by the advanced security features. I access my Gmail account using the Outlook app for iOS or Android, Mail for Windows 10, or Outlook 2016 for PC or Mac. Will the advanced security features work for me? No. Third-party email accounts such as Gmail and Yahoo Mail are not covered by the advanced security features. Can I share the security features with others as part of my Microsoft 365 Family subscription? Yes. With an Microsoft 365 Family subscription, you can share the benefits with up to 5 others. If the people you’ve shared with have Outlook.com mailboxes, they’ll get the benefits automatically. Learn about sharing subscription benefits. Why do links in my messages look different? After you activate the advanced security features, links in your email might look different. For example, in some messages links might appear longer than usual, and include text such as “na01.safelinks.protection.outlook.com.” This is related to the checks we perform to protect you from phishing attacks. Can I turn off Safelinks? To provide the best protection for your account, Safelinks are on by default. You can turn them off by signing in to https://outlook.live.com, Then select Settings > Premium > Security, There’s a toggle under Advanced Security that you can use to turn off Safelinks. Note that turning off Safelinks will only affect future messages you receive. It won’t change the link format in messages you’ve already received.
Damage control – If, after a bit of digging, you’re convinced you’ve been fooled by a phishing attack, it’s time to do a bit of damage control. Don’t provide any personal information: If the link has taken you to a page asking you to fill in your details, avoid this at all costs.
- This gives the hacker precisely what he’s after.
- Disconnect from the internet: Clicking on the link may have triggered malware to be downloaded, so it’s a good idea to disconnect from whatever WiFi you’re using to avoid malware moving across the network onto other devices.
- Back up: Ideally, you back up regularly anyway, so this doesn’t necessarily have to be a complete device backup, but if malware has been downloaded onto your device, chances are it could wipe or damage your data.
Backing up important data can be done using an external hard drive or USB and will prevent you from losing everything in the case of a data breach. Check for malware: Whether you suspect malware or not, it’s always best practice to scan your system for viruses that might have been downloaded when you clicked on the phishing link.
- Most operating systems already have built-in antivirus software, which you can use to check if any harm has been done.
- If you don’t have any malware scanning software, there are plenty of free and paid options online, but you should use another device to download the software online and then, with a USB, transfer it across to the affected device.
You mustn’t reconnect the original device to the internet to avoid any malware spreading. Change Passwords: Hackers can access your credentials via phishing links, so if you think you clicked on one, changing your online passwords, particularly to things like bank accounts, is essential to avoid further damage.
How do you check if a website is phishing?
Always check the URL of the website you are visiting. Phishing websites often have URLs similar to legitimate websites but with slight variations. For example, instead of ‘paypal.com,’ the URL might be ‘paypa1.com.’
Suspicious links – You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email. For example, if you receive an email from Netflix, you would expect the link to direct you towards an address that begins ‘netflix.com’. Image: MailGuard In this example, the scammers are claiming that there is an issue with the recipient’s Netflix subscription. The email is designed to direct them to a mock-up of Netflix’s website, where they will be prompted to enter their payment details.
- The fraudsters achieve two things by including the link within a button that says ‘Update account now’.
- First, it makes the message look genuine, with buttons becoming increasingly popular in emails and websites.
- But more importantly, it hides the destination address, making it a hyperlink.
- To ensure you don’t fall for schemes like this, you must train yourself to check where links go before opening them.
Thankfully, this is straightforward: on a computer, hover your mouse over the link, and the destination address appears in a small bar along the bottom of the browser. On a mobile device, hold down on the link, and a pop-up will appear containing the link.
What are Verified Links? These are links from a website to an external service where that external service is typically paid for and owned by the domain.
Contact Your Bank – What to do if you clicked on a phishing link on iPhone/Android phone, or PC? Another thing is to contact your bank to block all transactions, especially if you submit information about your bank card via the given phishing links. This can prevent financial loss to a great extent.