Hello friends, I hope you all are doing fine. So in this post, I am going to show you how to quickly check if a link is safe or not.
Ever came to a situation where you need to visit a website but you don’t know whether it is safe to visit it or not?
Most probably you do have faced a situation where you did not know if the email attachment linked with the email is safe to download or not.
I am going to slip the guesswork away from this and show you exactly how to determine whether you should click that website link or not.
As you know that the Internet is evolving very rapidly day by day which means more new websites and webpages. As per some stats published by millforbusiness, the number of websites that are created in every minute is 380. That totals to 547,200 new websites that are published each day.
That is a very big number.
Not every website that is published on the Internet is for a good purpose, some websites are there to just steal your passwords or snatch your credit card details from you. So, it becomes very important to know which websites are safe and which are not.
So here are the methods on how to check if a link is safe or not.
How To Check Is This Link Safe
Opening an unsafe or malicious link could lead to serious trouble. It is a good move to take extra precaution before you click any suspicious link. Here is how to detect URL that you think might be malicious.
Method 1. Check The Real URL By Hovering Over The Link.
Sometimes you will get a link like this:
Now, simply over the above link and see at the bottom left corner of your browser window. You will see that the link does not go to www.google.com as most you might think at first. Instead, the link goes to www.bing.com.
The attackers use this simple method of masking URL’s to trick you into thinking that the link that you are going to click is trustworthy. So before clicking on any link that you think might be malicious, hover over it.
So, once you discover the real URL of the website, search it on the google search engine instead of visiting it by clicking on the link. This would eliminate the danger of visiting a phishing website. You can then check by the search results on the google page if the website you were trying to visit is safe or not.
To give an example here is a website which is a well known malicious site wiztrend (dot)(com).
When I searched about this website on Google here is what I got.
As you see that some pages that are appearing in the search results are in the Chinese language. Also, take a look a the website description. There is no description of the website. If it was a legit company then it would have some kind of description explaining their services an so.
But, since it is a phishing link they don’t care about putting a description. You can also try to search for this website on Google but don’t click on the link of the website. This is a proven phishing website by many URL scanners(don’t worry, you will learn next what it is and how to use it).
Now I would like you to go to the second page. Did you see anything? because I don’t.
This is the second hint that this website is not safe to visit. Normally a good website or a company would have a strong online presence and have lots of pages indexed in Google.
Needless to say that they would also have their social profiles set up like Facebook page, Tweeter account, Instagram, etc.
Method 2. Using The URL Scanners
The malicious URL’s could be passed to you through email, phone messages, WhatsApp messages, and so many different things. The security of your computer does not only depend on the antivirus software that you have installed but also on the awareness that you have about Cyber Security.
Visiting a URL that you don’t know where it leads is not a wise thing to do for any user online. This is the time when URL scanners or URL checkers come into place.
A link checker is basically a piece of online software that checks if a URL is safe to visit or not.
Basically, a link checker will crawl the webpage of the link that you enter and will tell you whether it is safe to visit. These URL checkers have cloud-based antivirus software installed that check a webpage for malicious content or phishing signals.
It is one of the best and the quickest way to check if a website is safe or not. If a link is leading to a phishing page or a website that will try to install ransomware on your computer, then these URL scanners will immediately let you know about it.
5 Best URL Scanners
So here is my pick of 5 best URL checker tools that will allow you to figure out that if a link is safe or not.
It is my number one preference to check any URL. Many of you probably might have heard about VirusTotal before. This is an awesome source where you can easily check if a website is safe or not. Simply put the link of the website into the bar and hit Enter.
This awesome online tool will check your URL with all the major antivirus software and web checkers all at one place. As you can see in the image below I checked a website and it showed me the following results.
If the link that you enter on VirusTotal has already been scanned before, you will get instant result. As you see in the image the link that I just checked for safety was last checked 5 days before.
Now, If you want to check the link again simply click on the refresh icon in the bar. But remember, it will take some time because the URL will be scanned by over 50 different antivirus software, which is pretty dope.
You can also check a local file using this VirusTotal, simply go to the File section and then upload your file to begin the scan.
To check if a website is safe or not, simply put in the URL of the website or a webpage into the Kaspersky VirusDesk. The link of the webpage will be scanned using the antivirus database of the Kaspersky Security Network. If the URL that you entered leads to a known threat or dangerous location then the VirusDesk will warn you for it.
Also, keep in mind that the VirusDesk or any other URL scanner will only show you the stat of a URL. It does not remove the virus or threat from that URL. When you are using VirusDesk you could possibly get three types of messages once the URL is scanned.
- The link is malicious or You risk losing your data by following this link.
This means that if you visit this link then your computer might get infected by malware or adware.
- The link is safe.
If you see this message then it is a green signal that you can visit that link. You don’t have to think is this link safe anymore. The links that show the results “The link is safe” are the ones that are proven to be safe. The Kaspersky Security Network have scanned these types of links before and they are safe to visit.
- No information found about the link.
When you get this message then it totally depends on you whether you want to visit the website or not. You can take the risk if you want to but generally, it is not recommended. However, you can also identify if the link is safe to visit by some other methods that I am going to discuss later in this post.
You can also drag and drop a file from your local storage to Kaspersky VirusDesk. But make sure that the size of the file is less than 50MB.
If your uploaded file is reported as dangerous by Kaspersky but you know that it is totally safe then you can report it as well. The Kaspersky team will analyze your file and will get back to you as soon as possible.
URLVoid is another great tool to check if a link is safe or not. Like all the other website scanners in the list, this tool also detects malicious websites. When you enter the URL of a website in the search box and hit enter the link is analyzed using 30+ blacklist engines.
These blacklist engines some of the most trusted and popular antivirus scanners. With URLVoid you can quickly find out the reputation of a website and figure out if a website is malicious. Once you submit a website for scanning a safety report is generated for that particular website.
The safety report contains all kinds of stuff, like the website’s IP address domain creation date, region, server location and much more.
If you see that a URL was scanned a long time before then you can click on the Rescan button to check the URL again. There is a possibility that a website was safe back then but may be affected by malware afterward.
With Site Safety Center you can check your URL reputation from a huge database. TrendMicro has done a great job in collecting and maintaining a huge database of domain-reputation. Simply paste or type the URL that you want to check.
Click on “Check Now” and the Site Safety Center will give one of the following four messages.
Safe – This means that the site has no malware or phishing link it and is safe to visit.
Dangerous – If you get this message then you better stay away from clicking the link that you just entered. This message only appears if the website or URL you entered has a malicious software or maybe a phishing link.
Suspicious – It is better to stay cautious when you “Suspicious” message for you entered URL. This message means that the URL that you entered has been compromised before or have some kind of association with spam email messages.
Untested – If the URL or website address that you entered was not included in the domain-reputation database it will be checked for the first time. This means you have to wait sometime before the actual result is available to you.
As you can guess by the name, this tool is coming straight from Google. Safe Browsing is a service offered by Google’s security team to identify a website that is not safe. Google examines billions of websites each day in the hunt for malicious and phishing websites.
Since so many new websites are released each day, Google strives to crawl those website URL’s and check if it is safe to visit or not.
If a website is unsafe then Google displays a warning when you try to open that URL.
Method 3. Using The URL Expander
So above I have listed some of the best URL scanners to check if a link is safe or not. You can use these URL scanners before visiting any suspicious website. If the website is malicious then these website scanners will inform you about that. But what if you get a link which looks like this.
this is a shortened URL. Means, the destination website address is masked under this short URL. The above example link leads to blog Hackingpress. This is a simple shortened link where you simply get redirected to the destination address.
To check a shortened URL before clicking it you can use a URL expander. A URL expander is a tool that unmasks the link behind a shortened link. The one that I use and is the most popular URL expander tool is CheckShortURL.
Simply put the shortened URL in the box and click on the Expand button. The website will show you the exact web address where that link leads to.
But in some cases, link shorteners requires a captcha to go to the destination URL. Unfortunately, those types of links cannot be checked using the CheckShortURL tool.
Extra Layer Of Defence
Using website scanners is a good way to check if a link is safe to visit or not. But sometimes these URL scanners don’t work or maybe you actively want to figure out the safety of a website.
So here are two ways that will tell you if a website is safe or unsafe. Basically, these are two chrome extensions that you can add to your browser for adding an extra layer of security when browsing.
It is one of the most popular security plugins for browsers. If you using Mozilla Firefox you can add the Avast Online Security plugin by clicking this link.
This plugin protects you from an unsafe website by warning you. It automatically scans every URL when you make any search on Google. You will see a green tick beside every Title.
A green tick means that the website is safe to visit. If a website has some signs of being malicious website the plugin will immediately warn you.
You can also see the ratings of each website that you visit. The Avast has a user base of over 400 million users. So you can pretty much guarantee that you will find some reviews for the website that you are trying to visit. You can also rate a website by clicking on the “Positive” button or the “Negative” button.
This is the first thing that you should do, checking the https in front of every URL that you are trying to visit. In the earlier days it was not mandatory to use HTTPS but due to the rising Cyber attacks and to make the web a safer place, pretty much every site owner is using HTTPS.
If you see a website that is using HTTP instead of HTTPS then you should not do any sensitive thing on that website. Providing your username or password on that website would be a silly thing to do. This is because your data will be transferred in a plain text that can be easily obtained by an attacker if he is sniffing the traffic of that website.
It is better to avoid using websites that don’t have HTTPS enabled.
This is where the HTTPS Everywhere plugin comes into place. This plugin will automatically redirect you to the secure version (HTTPS) of the website instead of HTTP. But the website owner must have installed a valid SSL certificate for this.
If a site has not installed a valid SSL certificate then this plugin can do nothing. Still, this plugin is of great use because many websites take you to the default version of the website which is HTTP.
How To Know If A Link Or Attachment In The Email Is Safe?
To check if the attached image or video file to your email is safe or not you have to be a little bit cautious. Here are a few questions that you should ask yourself in order to really determine if the email attachment is safe. But, even after going through all of these questions, if you still feel to open or download the attachment, you can still do that.
But not the regular way.
I will show you a method (but it can be overwhelming) with which you can open any attachment link and download the file to see if it is safe or not. And even if it is not safe and contains a virus you still won’t be affected by it.
But before moving to that method ask yourself these questions.
Who Sent The message?
Whether you were expecting the email from that person or company?
So, if the email was sent from a friend of yours or a company that you trust then it is most likely that the email is safe. Let’s say you asked your friend to send the recipe of their awesome pizza. And you were waiting for their email, then most probably the image or video attached with the email is safe to open unless you don’t trust your friend.
Another thing could be that you ordered an item from an online store and they sent you the invoice of your order. Then most likely it is not sent you to harm you in any way. You can safely open the email.
So what if you were not expecting the email from your friend or a company but you still receive it?
In this case, you should directly call your friend or the company to investigate the email sent. If they tell you that they haven’t sent you the email then there is something wrong.
This could be because their email address has been hijacked or someone has used the email spoofing to mock their email address. I have written a detailed guide on what email spoofing is and how to it is done. You can read it if you are interested. But just to give you a brief, email spoofing is the technique of mocking an email address.
What Is The Purpose Of The Message?
Do the message in the email is asking you to fill out your personal details?
Be very careful when you receive these types of messages. Most of the time nobody is going to ask you for your personal details or your credit card number on an email.
When you see a message saying that you have won the lottery of $1 million dollars and you just have to pay a few bucks to claim the amount…
…that is a big NO NO!
Beware of these kinds of emails. These are the phishing emails that are just to trick you into handing your credit card number to the attacker.
Here is a nice infographic explaining about malicious sites, URLs and phishing.
Rundown: Is This Link Safe
So this was all about how to check if a link is safe to click. You can use these methods to figure out whether a website is safe to visit or not. If a website is flagged by any of the URL scanners or you manually find that it is malicious then it would be better to avoid it. Unless you want deliberately want to download the malicious file just for expanding your knowledge of how it works.
I told you above that I will tell you a method through which you can download the malicious software on your computer and it won’t affect your files at all. So the trick to achieve this is by using a live version of an OS called Tails OS. Qubes OS is the other alternative. These operating systems are meant to run without being installed on your computer.
Unlike windows, these Linux distributions offer you to run the entire Operating System on your RAM using a feature called live version. If you want to test a malicious file or want to visit an unsafe website for testing purpose then these Operating Systems are the go-to weapons of the security professionals.
You can download the Tails OS or the Quebes OS and then create a bootable pen drive to run it live on your computer.
I hope this post helped you. If you liked the post, consider sharing it with the like-minded people. Also, do click on the bell icon on the left corner to subscribe to the blog notifications. If you have any questions then let me know in the comment section.